CIA sneak undetectable ‘malicious’ implants onto Windows OS – WikiLeaks

Latest news

    View the original article: https://www.rt.com/news/401568-cia-hacks-angelfire-wikileaks/?utm_source=rss&utm_medium=rss&utm_campaign=RSS

    Windows machines are targeted by the CIA under ‘Angelfire,’ according to the latest release from WikiLeaks’ ‘Vault7’ series. The documents detail an implant that can allow Windows machines to create undetectable libraries.

    ‘Angelfire’ consists of five components – ‘Solartime,’‘Wolfcreek,’ ‘Keystone,’ ‘BadMFS,’ and the ‘Windows Transitory File system,’ according to a statement from WikiLeaks released on Thursday.

    ‘Solartime’ modifies the partition boot sector of Windows XP or Windows 7 machines when installed, allowing the ‘Wolfcreek’ implant to load and execute. ‘Wolfcreek’ can then load and execute other ‘Angelfire’ implants.

    Previously known as ‘MagicWand,’ ‘Keystone’ loads malicious user applications on the machine which never touch the file system, leaving “very little forensic evidence that the process ever ran” according to WikiLeaks.

    ‘BadMFS’ is described as a library which stores all drivers and implants that ‘Wolfcreek’ can activate. In some versions it can be detected, but in most it’s encrypted and obfuscated, making it undetectable to string or PE header scanning, used to detect malware.

    ‘Windows Transitory File system’ is used to install ‘AngelFire,’ according to the release, allowing the addition or removal of files from it.

    WikiLeaks says the leaked ‘Vault 7’ documents came from within the CIA, which has in turn refused to confirm their authenticity. Previous releases include details on CIA hacking tools used to weaponize mobile phones, compromize smart TVs and the ability to trojan the Apple OS.

    READ MORE: How the CIA spies on your everyday life, according to WikiLeaks

    In the same category are

    ‘Frankenfish’ sighting in Pennsylvania could spell disaster for local ecology News of a particularly unfriendly species of fish – known colloquially as "frankenfish" – being spotted in a Pennsylvania county has sparked concern a...
    Earth-based telescope takes super-sharp image of Neptune (PHOTOS) An incredible super-sharp image of planet Neptune has shown just how far earthbound telescope technology has come, producing an image quality that riv...
    Only yes means yes: Spain promises new sexual consent law Spain’s socialist government has vowed to introduce a new ‘only yes means yes’ sexual consent law to remove any ambiguities in rape cases following ou...
    ‘This is Iraq’: Rapper decries US legacy in Iraq in bitter parody of Childish Gambino (VIDEO) A musical video by an Iraqi rapper calling out the US on its abuses at Abu Ghraib and elsewhere in the war-ravaged country following the 2003 invasion...
    Nikki Haley calls Human Rights Council UN’s ‘greatest failure’ in bid to justify US exit US Ambassador to the UN Nikki Haley has launched another attack on the UN human rights body, calling it a failure for listing such countries as China ...
    More Croats watched World Cup semi with England than historic first-ever final – FIFA World football governing body FIFA released figures showing that fewer Croatian football fans tuned in to watch the nation’s first ever World Cup fina...

    Leave a comment

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.