 #Vault7: ‘CIA malware plants Gremlins’ on Microsoft machines – WikiLeaks

Posted by Guest on Sun May 14, 2017 6:54 pm

https://www.prisonplanet.com/vault7-cia-malware-plants-gremlins-on-microsoft-machines-wikileaks.html



RT
May 12, 2017
WikiLeaks has released the latest instalment in the #Vault7 series, detailing two apparent CIA malware frameworks dubbed ‘AfterMidnight’ and ‘Assassin’ which it says target the Microsoft Windows platform.
The latest release consists of five documents detailing the two frameworks. ‘AfterMidnight’ allows operators to load and execute malware on a target machine, according to a statement from WikiLeaks.
The malware, disguised as a self-persisting dynamic-link library (DLL), unique to Microsoft, executes ‘Gremlins’ – small payloads which run hidden on the machine, subverting the functionality of software as well as surveying the target and exfiltrating data. A payload named ‘AlphaGremlin’ allows operators to schedule custom tasks to be executed on the machine.

https://twitter.com/ColmMcGlinchey/status/862961603221880832/photo/1

Once installed, ‘AfterMidnight’ uses an HTTPS listening port to check for any scheduled events. Local storage related to ‘AfterMidnight’ is encrypted with a key not stored on the target machine, according to a user guide provided in the leak.
According to the leak, ‘Assassin’ is a similar type of malware to ‘AfterMidnight’. The tool’s user guide describes it as “an automated implant that provides a simple collection platform on remote computers running the Microsoft Windows operating system.”
The tool purportedly allows operators to perform specific tasks on an infected computer, periodically sending intercepted information to listening posts. It is made up of four subsystems: ‘Implant’, ‘Builder’, ‘Command and Control’, and ‘Listening Post’.
The ‘Implant’ provides the core logic and functionality of the tool on a target computer. The way it’s set up determines much of how the tool will behave on the target computer.
The ‘Builder’ arranges the Implant and ‘Deployment Executables’ before deployment, while the ‘Command and Control’ subsystem acts as an interface between the operator and the ‘Listening Post.’
The ‘Listening Post’ allows the ‘Implant’ to communicate with the subsystem through a web server.
Details of the document’s author are revealed in instructional screenshots of their desktop which appear in the ‘AlphaGremlin’ user guide. The screenshots also show a shortcut to Pidgin, an encrypted chat program, along with a folder named ‘Drone.’

Colm McGlinchey @ColmMcGlinchey
Screengrab from latest #Vault7 release shows author is named 'Justin' and is using a #Dell machine #WikiLeaks
3:05 AM - 12 May 2017


This article was posted: Friday, May 12, 2017 at 6:27 am