Hacking air-gapped machines — computers that are not connected to the internet, so theoretically less vulnerable — is always pretty interesting.
On Wednesday, WikiLeaks published a series of alleged CIA documents that supposedly show how the intelligence agency's malware was designed to infect these sorts of targets. Naturally, the documents indicate how the CIA has continued to develop its own hacking tools, allegedly targeting devices from smart TVs to internet routers. According to one of the documents, "Brutal Kangaroo is a tool suite for targeting closed networks by air gap jumping using thumbdrives."
WikiLeaks just published details of a purported CIA operation that turns Windows file servers into covert attack machines that surreptitiously infect computers of interest inside a targeted network.
"Pandemic," as the implant is codenamed, turns file servers into a secret carrier of whatever malware CIA operatives want to install, according to documents published Thursday by WikiLeaks. When targeted computers attempt to access a file on the compromised server, Pandemic uses a clever bait-and-switch tactic to surreptitiously deliver a malicious version of the requested file. The Trojan is then executed by the targeted computers.
WikiLeaks has released the user guide, demo and more of a new spy malware strain allegedly created and used by the CIA. The spyware targets all Windows versions and allows attackers to completely hijack computers, steal data and send it to CIA servers, delete data and upload malicious software.
According to WikiLeaks' documents, the spyware was created by the CIA, with help from a private New Hampshire-based cybersecurity firm called Siege Technologies. The spyware has two modules. While Athena, the primary module, targets Windows XP to 10, the secondary module dubbed Hera targets Windows 8 through Windows 10.
Federal investigators suspect a vetted member of the U.S. intelligence community supplied WikiLeaks with the trove of previously unpublished CIA documents released by the anti-secrecy group last month.
A joint investigation launched by the CIA and FBI in the wake of last month’s WikiLeaks publication has given way to a manhunt within the federal government, sources familiar with the probe told this week. The material released by WikiLeaks was “classified and stored in a highly secure section of the intelligence agency,” and had likely been compromised by an individual with physical access to the documents, such as a CIA employee or contractor.
Spying tools and operational protocols detailed in the recent Vault 7 leak have been used in cyberattacks against at least 40 targets in 16 different countries by a group Symantec calls Longhorn.
Symantec has been protecting its customers from Longhorn’s tools for the past three years and has continued to track the group in order to learn more about its tools, tactics, and procedures. The tools used by Longhorn closely follow development timelines and technical specifications laid out in documents disclosed by WikiLeaks. The Longhorn group shares some of the same cryptographic protocols specified in the Vault 7 documents.
WikiLeaks has released the fourth part of ‘Vault 7’, named ‘Grasshopper’, the latest in a series of leaks detailing alleged CIA hacking techniques. It details malicious software WikiLeaks claims was taken from “suspected Russian organized crime.”
The latest release consists of 27 documents WikiLeaks claims come from the CIA’s ‘Grasshopper framework’, a platform for building malware for use on Microsoft Windows operating systems. In a statement from WikiLeaks, ‘Grasshopper’ was described as providing the CIA with the ability to build a customized implant which will behave differently, depending on the security capabilities of a computer.
WikiLeaks’ latest batch of documents, named ‘Marble’, details CIA hacking tactics and how they can hamper forensic investigators from attributing viruses, trojans and hacking attacks to the spy agency. The tool was in use as recently as 2016.
The third release, which contains 676 source code files for the agency’s secret anti-forensics framework, is part of the CIA’s Core Library of malware, according to a statement from WikiLeaks. WikiLeaks said Marble hides fragments of texts that would allow for the author of the malware to be identified, meaning the agency allows another party to be blamed for the hack.
A new WikiLeaks release called DarkMatter was released today, affirming that the Central Intelligence Agency has long targeted Apple Macs, creating malware designed to evade the tech giant's security mechanisms.
The leak also revealed the CIA had been targeting the iPhone since 2008, a year after the landmark device was released. That slice of info was included in a small dump of information Wednesday, that included manuals for a handful of implants and rootkits, the kernel and the firmware of the device. One of the CIA's implants was called NightSkies then appearing to list the year 2008, though WikiLeaks claimed the tool was operational in 2007, the year of launch.
A partnership between the secret-spilling group and Google, Microsoft, and Apple has already hit its first road block. Last week, WikiLeaks promised it would share the technical details and code of the hacking tools that the CIA has allegedly developed against Google, Apple, Microsoft and other tech companies.
This week, after days of waiting, the secret-spilling site finally made initial contact with the companies. But WikiLeaks founder Julian Assange's attempt to help these major tech companies find out exactly what bugs and vulnerabilities the CIA is or was allegedly taking advantage of, and then plug the holes, is not going very smoothly for now.
The US intelligence agencies are facing fresh embarrassment after WikiLeaks published what it described as the biggest ever leak of confidential documents from the CIA detailing the tools it uses to break into phones, apps and other electronic devices.
The thousands of leaked documents focus mainly on techniques for hacking and reveal how the CIA cooperated with British intelligence to engineer a way to compromise smart televisions and turn them into improvised surveillance devices. The leak will once again raise questions about the inability of US spy agencies to protect secret documents in the digital age.