AgentX Posted September 3, 2017 ID:1160130 Share Posted September 3, 2017 Windows machines are targeted by the #CIA under ‘#Angelfire,’ according to the latest release from WikiLeaks’ ‘#Vault7’ series. The documents detail an implant that can allow Windows machines to create undetectable libraries. ‘Angelfire’ consists of five components – ‘Solartime,’‘Wolfcreek,’ ‘Keystone,’ ‘BadMFS,’ and the ‘Windows Transitory File system,’ according to a statement from #WikiLeaks released on Thursday. ‘Solartime’ modifies the partition boot sector of Windows XP or Windows 7 machines when installed, allowing the ‘Wolfcreek’ implant to load and execute. ‘Wolfcreek’ can then load and execute other ‘Angelfire’ implants. Previously known as ‘MagicWand,’ ‘Keystone’ loads malicious user applications on the machine which never touch the file system, leaving “very little forensic evidence that the process ever ran” according to WikiLeaks. Follow RT ✔@RT_com #Vault7: CIA can intercept & redirect SMS on Android, according to #Highrise document https://on.rt.com/8hpp ‘BadMFS’ is described as a library which stores all drivers and implants that ‘Wolfcreek’ can activate. In some versions it can be detected, but in most it’s encrypted and obfuscated, making it undetectable to string or PE header scanning, used to detect malware. ‘Windows Transitory File system’ is used to install ‘AngelFire,’ according to the release, allowing the addition or removal of files from it. WikiLeaks says the leaked ‘Vault 7’ documents came from within the CIA, which has in turn refused to confirm their authenticity. Previous releases include details on CIA hacking tools used to weaponize mobile phones, compromize smart TVs and the ability to #trojan the Apple OS. https://www.rt.com/news/401568-cia-hacks-angelfire-wikileaks/#.Wan8wgQdGVY.facebook Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now