Language Selection

English French German Italian Portuguese Spanish

Windows Intruded by CIA

Filed under
Microsoft
Security
  • Athena

    Today, May 19th 2017, WikiLeaks publishes documents from the "Athena" project of the CIA. "Athena" - like the related "Hera" system - provides remote beacon and loader capabilities on target computers running the Microsoft Windows operating system (from Windows XP to Windows 10). Once installed, the malware provides a beaconing capability (including configuration and task handling), the memory loading/unloading of malicious payloads for specific tasks and the delivery and retrieval of files to/from a specified directory on the target system. It allows the operator to configure settings during runtime (while the implant is on target) to customize it to an operation.

    According to the documentation (see Athena Technology Overview), the malware was developed by the CIA in cooperation with Siege Technologies, a self-proclaimed cyber security company based in New Hampshire, US. On their website, Siege Technologies states that the company "... focuses on leveraging offensive cyberwar technologies and methodologies to develop predictive cyber security solutions for insurance, government and other targeted markets.". On November 15th, 2016 Nehemiah Security announced the acquisition of Siege Technologies.

  • WikiLeaks Reveals 'Athena' CIA Spying Program Targeting All Versions of Windows

    WikiLeaks has published a new batch of the ongoing Vault 7 leak, detailing a spyware framework – which "provides remote beacon and loader capabilities on target computers" – allegedly being used by the CIA that works against every version of Microsoft's Windows operating systems, from Windows XP to Windows 10.

    Dubbed Athena/Hera, the spyware has been designed to take full control over the infected Windows PCs remotely, allowing the agency to perform all sorts of things on the target machine, including deleting data or uploading malicious software, and stealing data and send them to CIA server.

  • Microsoft held back free patch that could have slowed WannaCry

More in Tux Machines

Should we open source election software?

Late last year, R. James Woolsey and Brian Fox wrote an op-ed piece about the security benefits of open sourcing election software. Woolsey is a former director of the Central Intelligence Agency. Fox is the creator of several open source components, including the GNU Bash shell, and a board member of the National Association of Voting Officials. Woolsey and Fox assert as a main piece of their argument that open source software exposes the code to the larger developer community, allowing many eyes to comb through that code for security vulnerabilities, transparency that makes it more secure than software developed by commercial organizations. If the open source model for voting systems gains traction, as the editorial advocates, effective management of open source security will become extremely important. At the 2017 DEF CON 25 convention it took only a few hours for white hat hackers to break into five different voting machines, one via a vulnerability in an open-source component. The reality is that all software, whether developed in a transparent manner or otherwise, contains defects. Regardless of available resources and expertise, uncovering a defect can be challenging. Read more

Android Leftovers

What Do High School Students Know or Understand about Open Source Software?

Only 20 years after the label "Open Source" was coined, the entire tech ecosystem has embraced its values of sharing, collaboration and freedom. Although Open Source Software is pervasive to our everyday life, does everyone and especially the younger generation realize how to leverage it? Last summer, over the course of 3 weeks, High School students with no prior experience in Computer Science (CS) joined Holberton School’s first Immersion Coding Camp to learn how to code and build their own website. Read more

Open-spec SBC is a clone of a clone of a clone of a Raspberry Pi 3

FriendlyElec has launched a $35m open-spec “NanoPi K1 Plus” SBC with a quad -A53 Allwinner H5, 2GB DDR3, WiFi, GbE, a 40-pin expansion header, and Ubuntu Core and Armbian images. A year ago when FriendElec launched its $40 (now $45) NanoPi K2 SBC, we called it an Odroid-C2 clone with wireless, as well as a near clone of the Raspberry Pi 3. The new NanoPi K1 Plus is a slightly reduced, but more media-rich, version that switches from the Amlogic S905, which is also found on the Odroid-C2, to an Allwinner H5, which is used by several other NanoPi boards. Both SoCs give you 4x Cortex-A53 cores and a Mali-450 GPU, but the H5 tops out at 1.4GHz instead of 1.5GHz. Read more