
CIA can hack & track Windows devices via their wifi connections


    WikiLeaks has released the latest Vault 7 batch of CIA hacking exploits. ‘ELSA’ is malware used to track WiFi-enabled devices running Microsoft Windows, allowing the CIA to gather location data on a target’s device and monitor their patterns and habits.

    ELSA tracks the geolocation of wifi-enabled devices, providing the CIA with a target’s “pattern of life,” by recording details about wifi access points near the target machine.

    The malware allows the CIA to track a target’s location even when they’re not connected to the internet. All that’s needed is for the device to be wifi-enabled and in an area where wifi access points are in range. Using wifi for geolocation means GPS isn’t required.

    ELSA was initially created in 2012, according to a 2013 user manual obtained by WikiLeaks. The manual is marked as ‘secret, noforn’ – meaning it’s not to be shared with other countries.

    When the target device is connected to the internet, ELSA attempts to use public geolocation databases from Google or Microsoft to track the device’s location, and stores the longitude, latitude and timestamp in encrypted form on the device for the CIA to extract at a later time.

    ELSA was developed by the Engineer Development Group (EDG), the division that manufactures the CIA’s hacking tools. The EDG is part of the Center for Cyber Intelligence (CCI).

    ELSA differs from previous CIA Vault7 leaks in that the malware doesn’t beacon information from the target device back to a CIA server. Instead, the data must be retrieved from the device using other tools in the CIA’s collection of exploits and hacks. The manual doesn’t specify which particular tools are used to do this.

    According to WikiLeaks, ELSA can be customized to suit the target environment and the objectives of the CIA. For example, the sampling interval, logfile size and persistence method can all be customized to suit the aims of the infiltration.

    According to the manual, “some Anti-Virus (AV) suites such as Kaspersky and Rising protect critical system processes” from the injection technique used in ELSA. “Deploying ELSA to these systems requires careful system survey, targeting, and/or cover application for processes vulnerable to this type of injection,” the manual explains.

    ELSA is designed to be injected into an existing process on a device’s system. “It’s delivered in the form of a DLL,” the manual reads. A Windows DLL (Dynamic Link Library) is a library of code and data that can be used by more than one program at the same time. It helps operating systems and programs run faster and use less space.

    ELSA also uses a configuration tool (patcher) and post processor. It uses the command-line tool, Microsoft Windows RegSvr32, to perform the installation.
