In its seventh CIA leak since March 23rd, WikiLeaks has just revealed the user manual of a CIA hacking tool known as ‘Archimedes’ which is purportedly used to attack computers inside a Local Area Network (LAN). The CIA tool works by redirecting a target’s
The CIA tool works by redirecting a target’s web page search to a CIA server which serves up a web page that looks exactly like the original page they were expecting to be served, but which contains malware.
It’s only possible to detect the attack by examining the page source.
Per WikiLeaks:
Today, May 5th 2017, WikiLeaks publishes “Archimedes”, a tool used by the CIA to attack a computer inside a Local Area Network (LAN), usually used in offices. It allows the re-directing of traffic from the target computer inside the LAN through a computer infected with this malware and controlled by the CIA. This technique is used by the CIA to redirect the target’s computers web browser to an exploitation server while appearing as a normal browsing session.
The document illustrates a type of attack within a “protected environment” as the tool is deployed into an existing local network abusing existing machines to bring targeted computers under control and allowing further exploitation and abuse.
RELEASE: CIA ‘#Archimedes‘ system for exfiltration and browser hijacking. Includes manuals and binary signatures. https://t.co/XWr33GMGDN pic.twitter.com/TEyhABJvbO
— WikiLeaks (@wikileaks) May 5, 2017
The RT provided more details:
The Archimedes tool enables traffic from one computer inside the LAN to be redirected through a computer infected with this malware and controlled by the CIA, according to WikiLeaks.
The technique is used to redirect the target’s computer web browser to an exploitation server while appearing as a normal browsing session, the whistleblowing site said. In this way, the hackers gain an entry point that allows them access to other machines on that network.
The tool’s user guide, which is dated December 2012, explains that it’s used to re-direct traffic in a Local Area network (LAN) from a “target’s computer through an attacker-controlled computer before it is passed to the gateway.”
This allows it to insert a false webserver response that redirects the target’s web browser to a server that will exploit their system all the while appearing as if it’s a normal browsing session.
Archimedes is an update to a tool called ‘Fulcrum’ and it offers several improvements on the previous system, including providing a method of “gracefully shutting down the tool on demand.”
How is US government malware developed? WikiLeaks’ release today of the CIA’s ‘Fulcrum’ malware shows how https://t.co/wrke6MC5ex pic.twitter.com/R5tO7dVYPz
— WikiLeaks (@wikileaks) May 5, 2017
Stories published in our Hot Topics section are chosen based on the interest of our readers. They are republished from a number of sources, and are not produced by MintPress News. The views expressed in these articles are the author’s own and do not necessarily reflect Mint Press News editorial policy.
Source Article from http://www.mintpressnews.com/wikileaks-reveals-details-of-cia-archimedes-tool-used-to-hack-local-area-networks/227545/
Views: 0