Thursday, July 13, 2017

JUST IN... 7-13-17

Vault 7: CIA Developed Android Malware That Works as an SMS Proxy

https://www.bleepingcomputer.com/news/security/vault-7-cia-developed-android-malware-that-works-as-an-sms-proxy/


WikiLeaks published today the manual of another CIA hacking tool that is part of the Vault 7 leak series. This tool is referenced internally at the CIA under the name HighRise and is an Android application for intercepting and redirecting SMS messages to a remote web server.

According to the leaked manual, HighRise only works on Android versions from 4.0 through 4.3 (Android Ice Cream Sandwich and Jelly Bean), but the document is dated to December 2013, and the tool was most likely updated in the meantime to support newer versions of the Android OS released during the past four years.

HighRise tool is also known as TideCheck
The actual HighRise tool is packaged inside an app named TideCheck (tidecheck-2.0.apk, MD5: 05ed39b0f1e578986b1169537f0a66fe).


The tool wasn't designed for social engineering attacks. CIA operatives have to install the app on the target's device themselves, and then manually run it at least one time for the tool to get boot persistence.

When starting the tool for the first time, CIA operatives must enter a special code to access its settings. This default code is "inshallah," which is the Arabic word for "God willing."

Once the code has been entered, the tool reveals its configuration panel, consisting of three buttons. One will start the tool, the second will show/edit the tool's configuration file, and a third will allow an operator to send an SMS from the phone to a remote CIA server.

According to the HighRise manual, the tool's main features are as follows:

➔ Send a copy of all incoming SMS messages to an Internet-based server controlled by a CIA operative.
➔ Send SMS messages from the target's smartphone.
➔ Provide a communications channel between the HighRise field operator & the LP.
➔ TLS/SSL secured internet communications.

According to the last two features, HighRise isn't necessarily a tool for installing on a target's phone, but the app can be installed on the phones of CIA field operatives and provide a secondary, encrypted communications channel between operatives and supervisors.

Today's dump is part of a larger series called Vault 7, which contains documents WikiLeaks claims were stolen from the CIA by hackers and insiders. Below is a list of the most notable WikiLeaks "Vault 7" dumps:

ᗙ Weeping Angel - tool to hack Samsung smart TVs
ᗙ Fine Dining - a collection of fake, malware-laced apps
ᗙ Grasshopper - a builder for Windows malware
ᗙ DarkSeaSkies - tools for hacking iPhones and Macs
ᗙ Scribble - beaconing system for Office documents
ᗙ Archimedes - a tool for performing MitM attacks
ᗙ AfterMidnight and Assassin - malware frameworks for Windows
ᗙ Athena - a malware framework co-developed with a US company
ᗙ Pandemic - a tool for replacing legitimate files with malware
ᗙ CherryBlossom - a tool for hacking SOHO WiFi routers
ᗙ Brutal Kangaroo - a tool for hacking air-gapped networks
ᗙ ELSA - malware for geo-tracking Windows users
ᗙ OutlawCountry - CIA tool for hacking Linux systems
ᗙ BothanSpy & Gyrfalcon - CIA malware for stealing SSH logins


==================================


ALSO SEE


https://www.rt.com/viral/396205-wikileaks-highrise-vault7-cia/

https://sputniknews.com/science/201707131055504019-wikileaks-cia-sms-android/
WikiLeaks Exposes CIA Hacking Tool Able to Intercept, Redirect SMS on Android
14:20 13.07.2017 (updated 16:36 13.07.2017)

AND SEE THESE TOO

https://hothardware.com/news/wikileaks-exposes-cias-highrise-sms-spying-tool-in-latest-dump
WikiLeaks Exposes CIA’s HighRise SMS Spying Tool In Latest Vault 7 Dump

by Paul Lilly — Monday, July 17, 2017

https://betanews.com/2017/07/17/wikileaks-vault-7-highrise-sms/
WikiLeaks reveals CIA tool for SMS spying







