WikiLeaks Reveals "Archimedes": Malware Used To Hack Local Area Networks
May 5, 2017 8:55 AM
In its seventh CIA leak since March 23rd, WikiLeaks has just revealed
the user manual of a CIA hacking tool known as ‘Archimedes’ which is purportedly used to attack computers inside a Local Area Network (LAN).
The CIA tool works by redirecting a target's webpage search to a CIA
server which serves up a webpage that looks exactly like the original
page they were expecting to be served, but which contains malware. It’s only possible to detect the attack by examining the page source.
https://wikileaks.org/vault7/document/Archimedes-1_0-User_Guide/ https://wikileaks.org/vault7/document/Archimedes-1_3-Addendum/ https://wikileaks.org/vault7/document/Archimedes-1_2-Addendum/ https://wikileaks.org/vault7/document/Archimedes-1_1-Addendum/ https://wikileaks.org/vault7/document/Fulcrum-User_Manual-v0_62/
Today, May 5th 2017, WikiLeaks publishes "Archimedes", a tool used
by the CIA to attack a computer inside a Local Area Network (LAN),
usually used in offices. It allows the re-directing of traffic from the target computer inside the LAN through a computer infected with this
malware and controlled by the CIA. This technique is used by the CIA to redirect the target's computers web browser to an exploitation server
while appearing as a normal browsing session.
The document illustrates a type of attack within a "protected environment" as the the tool is deployed into an existing local network abusing existing machines to bring targeted computers under control and allowing further exploitation and abuse.
RELEASE: CIA '#Archimedes' system for exfiltration and browser hijacking. Includes manuals and binary signatures.
— WikiLeaks (@wikileaks) May 5, 2017
|Nodes:||10 (1 / 9)|