CIA can hack & track Windows devices via their wifi connections

Latest news

    View the original article:

    WikiLeaks has released the latest Vault 7 batch of CIA hacking exploits. ‘ELSA’ is malware used to track WiFi-enabled devices running Microsoft Windows, allowing the CIA to gather location data on a target’s device and monitor their patterns and habits.

    ELSA tracks the geolocation of wifi-enabled devices, providing the CIA with a target’s “pattern of life,” by recording details about wifi access points near the target machine.

    The malware allows the CIA to track a target’s location even when they’re not connected to the internet. All that’s needed is for the device to be wifi-enabled and in an area where wifi access points are in range. Using wifi for geolocation means GPS isn’t required.

    ELSA was initially created in 2012, according to a 2013 user manual obtained by WikiLeaks. The manual is marked as ‘secret, noforn’ – meaning it’s not to be shared with other countries.

    When the target device is connected to the internet, ELSA attempts to use public geolocation databases from Google or Microsoft to track the device’s location, and stores the longitude, latitude and timestamp in encrypted form on the device for the CIA to extract at a later time.

    ELSA was developed by the Engineer Development Group (EDG), the division that manufactures the CIA’s hacking tools. The EDG is part of the Center for Cyber Intelligence (CCI).

    ELSA differs from previous CIA Vault7 leaks in that the malware doesn’t beacon information from the target device back to a CIA server. Instead, the data must be retrieved from the device using other tools in the CIA’s collection of exploits and hacks. The manual doesn’t specify which particular tools are used to do this.

    According to WikiLeaks, ELSA can be customized to suit the target environment and the objectives of the CIA. For example, the sampling interval, logfile size and persistence method can all be customized to suit the aims of the infiltration.

    According to the manual, “some Anti-Virus (AV) suites such as Kaspersky and Rising protect critical system processes” from the injection technique used in ELSA. “Deploying ELSA to these systems requires careful system survey, targeting, and/ or cover application for processes vulnerable to this type of injection,” the manual explains. 

    ELSA is designed to be injected into an existing process on a device’s system. “It’s delivered in the form of a DLL,” the manual reads. A Windows DLL (Dynamic Link Library) is a library of code and data that can be used by more than one program at the same time. It helps operating systems and programs run faster and use less space.

    ELSA also uses a configuration tool (patcher) and post processor. It uses the command-line tool, Microsoft Windows RegSvr32, to perform the installation.

    In the same category are

    Dozens of Palestinians injured by Israeli forces during protest at Gaza border (PHOTOS) Dozens of Palestinian protesters have been injured by Israeli forces gathered at the Gaza border for the Great Return March, according to the Ministry...
    Russia-Mexico bout in ‘World Vodka Championship’ ends in a tie (VIDEO) WORLD CUP 2018 LIVE #FansEyeView #FootWall 23 Jun, 2018 12:23 ‘One of the best games we’ve seen’ – Schmeichel on pulsating Swiss win over Serbia (V...
    ‘One of the best games we’ve seen’ – Schmeichel on pulsating Swiss win over Serbia (VIDEO) RT guest host Peter Schmeichel says Switzerland’s win over Serbia in Kaliningrad was one of the World Cup’s best games so far, after Xherdan Shaqiri s...
    CNN, MSNBC look away as Trump hosts families of victims killed by illegal immigrants President Donald Trump hosted families who lost loved ones to crimes committed by illegal immigrants. CNN and MSNBC cut their coverage of the White Ho...
    Black communities mentally scarred when cops kill unarmed African-Americans – study Fatal shootings of African-Americans by police have negatively impacted the mental health of their communities, says a new study that comes amid natio...
    ‘You can stay here after Brexit’: Home Sec Javid bizarrely tells Welsh MPs they can live in UK UK Home Secretary Sajid Javid has written to Welsh MPs, telling them they will be allowed to ‘continue their lives here’ after Britain leaves the EU. ...

    Leave a comment

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.