Source: revolutionradio.org --- Thursday, August 31, 2017
RT.com 31 Aug, 2017 Windows machines are targeted by the CIA under ‘Angelfire,’ according to the latest release from WikiLeaks’ ‘Vault7’ series. The documents detail an implant that can allow Windows machines to create undetectable libraries. ‘Angelfire’ consists of five components – ‘Solartime,’‘Wolfcreek,’ ‘Keystone,’ ‘BadMFS,’ and the ‘Windows Transitory File system,’ according to a statement from WikiLeaks released on Thursday. ‘Solartime’ modifies the partition boot sector of Windows XP or Windows 7 machines when installed, allowing the ‘Wolfcreek’ implant to load and execute. ‘Wolfcreek’ can then load and execute other ‘Angelfire’ implants. Previously known as ‘MagicWand,’ ‘Keystone’ loads malicious user applications on the machine which never touch the file system, leaving “very little forensic evidence that the process ever ran” according to WikiLeaks. The Rest… HERE ...
from Windows http://ift.tt/2x9W5ZM
No comments:
Post a Comment