Thursday, August 31, 2017

CIA sneak undetectable ‘malicious’ implants onto Windows OS - WikiLeaks

Published time: 31 Aug, 2017 11:27

WikiLeaks claim the leaks came from within the CIA.

Windows machines are targeted by the CIA under ‘Angelfire,’ according to the latest release from WikiLeaks’ ‘Vault7’ series. The documents detail an implant that can allow Windows machines to create undetectable libraries.

‘Angelfire’ consists of five components – ‘Solartime,’ ‘Wolfcreek,’ ‘Keystone,’ ‘BadMFS,’ and the ‘Windows Transitory File system,’ according to a statement from WikiLeaks released on Thursday.

‘Solartime’ modifies the partition boot sector of Windows XP or Windows 7 machines when installed, allowing the ‘Wolfcreek’ implant to load and execute. ‘Wolfcreek’ can then load and execute other ‘Angelfire’ implants.

Previously known as ‘MagicWand,’ ‘Keystone’ loads malicious user applications on the machine which never touch the file system, leaving “very little forensic evidence that the process ever ran,” according to WikiLeaks.

READ MORE IN ARTICLE
https://www.rt.com/news/401568-cia-hacks-angelfire-wikileaks/
============================

ALSO SEE

https://www.bleepingcomputer.com/news/security/cia-developed-windows-malware-that-alters-boot-sector-to-load-more-malware/
CIA Developed Windows Malware That Alters Boot Sector to Load More Malware


https://sputniknews.com/science/201708311056952079-wikileaks-cia-angelfire/
WikiLeaks Publishes Info on CIA's Tool to Secretly Load Implants on Computers
The WikiLeaks whistleblowing platform released Thursday new documents from the Vault 7 series, which contain information on the tool which the CIA used to load and execute implants targeting computers using Microsoft Windows operating


https://www.cso.com.au/article/626753/wikileaks-vault-7-cia-stealthy-angelfire-windows-malware/
WikiLeaks Vault 7: CIA’s stealthy Angelfire Windows malware


https://www.dailysabah.com/americas/2017/08/31/wikileaks-reveals-cia-tool-for-secretly-loading-executing-implants-on-computers
WikiLeaks reveals CIA tool for secretly loading, executing implants on computers

http://www.devopsonline.co.uk/angelfire-framework-implants-backdoor/
AngelFire framework implants backdoor
By Leah Alger - Aug 31, 2017
https://www.rt.com/news/401568-cia-hacks-angelfire-wikileaks/
