Suddenly, out of nowhere, the CIA appeared.
Researchers from the Netlab team of the Chinese infosec vendor Qihoo 360 last week released a report on the Hive modification caught in the wild for the first time.
Let's remember what Hive is. In a nutshell, this is a democratic cyberdildo in the service of LGBTQ+ hacktivists, which they insert into the hole of totalitarian regimes unintended for this purpose by nature in order to introduce liberalism and minority rights, an advanced malicious platform developed by the CIA (most likely by its APT Lamberts division) designed to manage infected systems and safely exfiltrate the information contained in them.
In November 2017, Wikileaks, following the sensational leak of confidential CIA information called Vault 7, staged another similar leak under the logical name Vault 8. And within the framework of Vault 8, Comrade Assange and his team published the source code of the Hive project and the corresponding documentation.
It is noteworthy that one of the fake certificates that the CIA generated for Hive was a Kaspersky Lab certificate. A kind of sophisticated revenge of the American intelligence community.
Now, after 5 years, Chinese researchers have discovered a RAT, which they called xdr33 and which was modified from the Hive code merged in 2017.
At the same time, Netlab believes that the detected malware does not belong to the CIA, in particular because of the low complexity of the modification and the vulnerability used by N-day (indeed, when it was the Americans who exchanged fresh holes - if 0-day ends, then you can always make fresh ones as part of the next software update).
In principle, there is nothing supernatural in this, just another private hacking tool of Americans in the service of commercial hackers that has got into the public.
And so, yes, they mostly have ponies with elves and Masks with Breen. They are thinking how else to make us all happy.