Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 15 submissions in the queue.
posted by Fnord666 on Sunday May 21 2017, @05:39AM   Printer-friendly
from the the-whole-pantheon dept.

Submitted via IRC for TheMightyBuzzard

WikiLeaks has published a new batch of the ongoing Vault 7 leak, detailing a spyware framework – which "provides remote beacon and loader capabilities on target computers" – allegedly being used by the CIA that works against every version of Microsoft's Windows operating systems, from Windows XP to Windows 10.

Dubbed Athena/Hera, the spyware has been designed to take full control over the infected Windows PCs remotely, allowing the agency to perform all sorts of things on the target machine, including deleting data or uploading malicious software, and stealing data and send them to CIA server.

[...] According to the whistleblower organization, Athena has the ability to allow the CIA agents to modify its configuration in real time, while the implant is on target "to customize it to an operation."

"Once installed, the malware provides a beaconing capability (including configuration and task handling), the memory loading/unloading of malicious payloads for specific tasks and the delivery and retrieval of files to/from a specified directory on the target system," WikiLeaks claims.

The leaked documents suggest that Athena, written in Python programming language, was developed in August 2015, just a month after Microsoft released its Windows 10 operating system.

Interestingly, one document also suggests that the CIA agents have been advised to make sure that the spyware should not get caught by antivirus software programs, especially Kaspersky AV software.

Source: http://thehackernews.com/2017/05/athena-cia-windows-hacking.html


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 2) by ls671 on Sunday May 21 2017, @06:00AM (2 children)

    by ls671 (891) on Sunday May 21 2017, @06:00AM (#512904) Homepage

    I said so many, many years ago. It has been going on for a very long time. Now, what are going to do about it?

    DISCLAIMER: This is a generic comment, not applying specifically to any OS versions or human skills.

    --
    Everything I write is lies, including this sentence.
    • (Score: 2) by ls671 on Sunday May 21 2017, @06:05AM

      by ls671 (891) on Sunday May 21 2017, @06:05AM (#512905) Homepage

      what are you going...

      --
      Everything I write is lies, including this sentence.
    • (Score: 0) by Anonymous Coward on Sunday May 21 2017, @07:33PM

      by Anonymous Coward on Sunday May 21 2017, @07:33PM (#513124)

      Now, what are [you] going to do about it?

      Uhm, not use Windoze?

  • (Score: 2) by Zyx Abacab on Sunday May 21 2017, @06:45AM (2 children)

    by Zyx Abacab (3701) on Sunday May 21 2017, @06:45AM (#512912)

    Athena, written in Python programming language

    Have we really passed into an age in which hackers are using an interpreted language for exploits? Good lord.

    Maybe it's just the wording. I mean, I guess that the payload could easily install an interpreter after it runs; and that it's the higher-level stuff that depends on Python.

    But I find it really hard to believe that any system-level malware could be written entirely in Python—especially for a platform that has never bundled a Python interpreter!

    • (Score: 0) by Anonymous Coward on Sunday May 21 2017, @10:32AM

      by Anonymous Coward on Sunday May 21 2017, @10:32AM (#512968)

      Why not? Most malware doesn't need to do a lot of low level stuff. And nowadays the average PC's bandwidth and CPU power is relatively high.

      In the old days a 5MB perl/python malware might be too huge, but nowadays many ad infested pages probably are close to 5MB if not larger.

      I would think it's easier to do polymorphic malware in an interpreted language - could more easily automate morphing it to pass AV scans. Think of Perl's TIMTOWTDI.

    • (Score: 2) by darkfeline on Monday May 22 2017, @05:06PM

      by darkfeline (1030) on Monday May 22 2017, @05:06PM (#513594) Homepage

      You're a few years late to the party. Someone who follows such communities more closely can elaborate, but I have heard of Python being used regularly for exploits at least two years ago.

      --
      Join the SDF Public Access UNIX System today!
  • (Score: 3, Funny) by fido_dogstoyevsky on Sunday May 21 2017, @06:59AM (7 children)

    by fido_dogstoyevsky (131) <{axehandle} {at} {gmail.com}> on Sunday May 21 2017, @06:59AM (#512914)

    ...allegedly being used by the CIA that works against every version of Microsoft's Windows operating systems, from Windows XP to Windows 10...

    Good thing I kept my windows 98 DVD. And when that's at risk I can upgrade to win 3.1 for the same reason... oh shit. Where am I gonna get a floppy drive?

    --
    It's NOT a conspiracy... it's a plot.
    • (Score: 2) by meisterister on Sunday May 21 2017, @07:06AM (6 children)

      by meisterister (949) on Sunday May 21 2017, @07:06AM (#512916) Journal

      Well, damn. Someone beat me to the Windows 98 joke!

      I take your Windows 98 and raise you Windows 2000!

      --
      (May or may not have been) Posted from my K6-2, Athlon XP, or Pentium I/II/III.
      • (Score: 1) by anubi on Sunday May 21 2017, @07:44AM

        by anubi (2828) on Sunday May 21 2017, @07:44AM (#512923) Journal

        ( folding cards and laying them on table... )
        I'm out. All I had was a WIN95OSR2 and a DOS6.20 . You guys too rich for my blood.

        --
        "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
      • (Score: 2) by fido_dogstoyevsky on Sunday May 21 2017, @08:00AM (4 children)

        by fido_dogstoyevsky (131) <{axehandle} {at} {gmail.com}> on Sunday May 21 2017, @08:00AM (#512924)

        I take your Windows 98 and raise you Windows 2000!

        I reply with Gem Windows [wikipedia.org] under DR-DOS. In my Alan Rickman accent whilst stroking the white hairy cat on my lap.

        --
        It's NOT a conspiracy... it's a plot.
        • (Score: 0) by Anonymous Coward on Sunday May 21 2017, @09:23AM

          by Anonymous Coward on Sunday May 21 2017, @09:23AM (#512940)

          On the Internet, no one knows you're a cat fancier.

        • (Score: 2) by c0lo on Sunday May 21 2017, @11:48AM (2 children)

          by c0lo (156) Subscriber Badge on Sunday May 21 2017, @11:48AM (#512980) Journal

          I'd raise you with a ZX Spectrum, but I can't find a cassette player/recorder any more.

          --
          https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
          • (Score: 2) by fido_dogstoyevsky on Sunday May 21 2017, @12:46PM (1 child)

            by fido_dogstoyevsky (131) <{axehandle} {at} {gmail.com}> on Sunday May 21 2017, @12:46PM (#512994)

            I'd raise you with a ZX Spectrum, but I can't find a cassette player/recorder any more.

            Tried ebay? That's where I found the floppy drive for my win 3.1, DR-DOS and GEM disks.

            --
            It's NOT a conspiracy... it's a plot.
            • (Score: 0) by Anonymous Coward on Monday May 22 2017, @12:22AM

              by Anonymous Coward on Monday May 22 2017, @12:22AM (#513218)

              Too bad that the floppy drive includes call-home firmware...

  • (Score: 5, Insightful) by Anonymous Coward on Sunday May 21 2017, @09:38AM (1 child)

    by Anonymous Coward on Sunday May 21 2017, @09:38AM (#512948)

    allowing the agency to perform all sorts of things on the target machine, including deleting data or uploading malicious software

    Or uploading "evidence".

    • (Score: 2) by kaszz on Sunday May 21 2017, @04:47PM

      by kaszz (4211) on Sunday May 21 2017, @04:47PM (#513060) Journal

      That is why those underage pornography laws are so convenient..
      Seems it already took of in 1982 (New York v. Ferber) in the USA.

      This might however also provide a opportunity to wreck those laws. By letting some virus spread such material everywhere. Defendants can always clam "the virus did it".

  • (Score: 2) by srobert on Sunday May 21 2017, @06:04PM (1 child)

    by srobert (4803) on Sunday May 21 2017, @06:04PM (#513085)

    When the U.S. spies on anyone in the world who uses a computer whether American citizens or foreign governments, it's not the same as when the Russians do it. They do it to "interfere with our Democracy". When we do it, it's to promote truth, justice, and the American Way. As Agent 86 pointed out, they do it because they're evil. We have no choice but to lie, cheat, kill, and torture, because we're the good guys.

    • (Score: 0) by Anonymous Coward on Monday May 22 2017, @04:05AM

      by Anonymous Coward on Monday May 22 2017, @04:05AM (#513308)

      "Hans, are we the baddies?"

      At least the US doesn't put skulls on their helmets. Actually, I don't know enough about various US military units, do we have any that wear "evil" outfits?

(1)