Wikileaks CIA Leak – Vault 7 Projects Series – All things in moderation

Wikileaks CIA Leak – Vault 7 Projects Series

Starting on March 7, 2017, Vault 7 is a series of leaks on the U.S. Central Intelligence Agency (CIA), which currently includes the following:

CouchPotato – A remote tool to spy on video streams in real time.

Dumbo – A tool with the capability to suspend processes utilizing webcams and corrupt any video recordings that could compromise a PAG deployment.

Imperial – A CIA project that developed three hacking tools and implants designed to target computers running Apple Mac OS X and different flavours of Linux operating systems.

Raytheon – Raytheon Blackbird Technologies, which supported the Remote Development Branch (RDB) of the CIA by analysing malware attacks in the wild and giving recommendations to the CIA development teams for further investigation and PoC development for their own malware projects.

Highrise – An SMS messaging application for mobile devices running Android 4.0 to 4.3 that provides a communications channel between the HighRise field operator and the LP over a TLS/SSL-secured internet connection.

BothanSpy – Two CIA projects (BothanSpy and Gyrfalcon) that allowed the attacker to intercept and exfiltrate SSH (Secure Shell) credentials from targeted Windows and Linux operating systems using different attack vectors.

OutlawCountry – A project targeting computers running the Linux operating system that allows hackers to redirect all outbound network traffic on the targeted machine to CIA-controlled computer systems in order to exfiltrate and infiltrate data.

Elsa – CIA malware that tracks the geolocation of targeted PCs and laptops running the Microsoft Windows operating system.

Brutal Kangaroo – A tool suite for Microsoft Windows that targets closed networks or air-gapped computer systems within an organization or enterprise without requiring any direct access.

Cherry Blossom – A framework, basically a remotely controllable firmware-based implant, used for spying on the Internet activity of the targeted systems by exploiting flaws in WiFi devices.

Pandemic – A CIA project that allowed the attacker to turn Windows file servers into covert attack machines that can silently infect other computers of interest inside a targeted network.

Athena – A spyware framework designed to take full control over Windows PCs remotely; it works against every version of Microsoft’s Windows operating systems, from Windows XP to Windows 10.

AfterMidnight and Assassin – Two apparent CIA malware frameworks for the Windows platform that have been designed to monitor and report back on the activities of the infected remote host computer and execute malicious actions.

Archimedes – Man-in-the-Middle attack tool created by the CIA to target computers inside a Local Area Network (LAN).

Scribbles – Software reportedly designed to embed ‘web beacons’ into confidential files and documents, allowing the attacker to track whistleblowers and insiders.

Grasshopper – A framework that allowed the attacker to easily create custom malware for breaking into Windows operating systems and bypassing antivirus protection.

Marble – The source code of a secret anti-forensic framework, basically an obfuscator or a packer used by the spying attacker to hide the actual source of its malware.

Dark Matter – Revealed hacking exploits the CIA designed to target iPhones and Macs.

Year Zero – The first full part of the series, which includes several CIA hacking exploits for popular hardware and software (8,761 documents and files from an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virginia).
