Wikileaks has revealed more classified information about the CIA as part of its Vault 7 leaks. Here’s what you need to know about it.
CIA Hired Raytheon Blackbird Technologies
This new leak indicates that the CIA hired a cyber security company called Raytheon Blackbird Technologies. According to Raytheon’s website, they specialize in mission control systems for “modern warfare”.
Their goal was to help the agency’s Remote Development Branch (RDB) and give them new ideas for developing malware.
Blackbird Technologies sent five reports to the agency between November 2014 and September 2015 as a part of the UMBRAGE Component Library (UCL) project.
Their research teams collected publicly available malware code to help the CIA develop its own tools. Their reports contained assessments of malware attack vectors along with demonstrations of them.
Surprisingly, Raytheon’s reports were very brief and amateurish. The information contained within is of little to no use even for a novice hacker. In some reports, the so-called “experts” also published a lot of information that was flat out wrong.
New Malware Projects
Here’s a brief description of the latest projects the CIA was working on. Thankfully, none of them affects iOS in any manner.
HighRise is an app developed for the Android mobile operating system. It is compatible with versions 4.0 to 4.3 only. This app is aimed at secure communication and acts as an SMS proxy.
It provides a secure communications channel between two devices with TLS/SSL encryption.
BothanSpy is designed to hack into a secure network and extract its SSH credentials. It is compatible with the Windows operating system.
It targets Xshell, a third-party SSH/Telnet client and terminal emulator. The malware steals the username and password for active SSH sessions.
Afterward, it automatically transfers those credentials back to the CIA and can even save them in an encrypted file on the target machine.
The OutlawCountry project targets the Linux operating system. It redirects all outbound traffic on the target computer to the CIA.
This malware directly attacks the kernel and creates elevated network rules without the knowledge of the system administrator.