WikiLeaks Exposes CIA’s Air-Gapped Network Hacking Tool

WikiLeaks has published online top-secret documents it has obtained from the CIA describing the agency’s hacking tools. The details of the software, codenamed Brutal Kangaroo, show that agents can use it to infect targets’ air-gapped computers with malware.

Dubbed “Brutal Kangaroo,” it has been described by its developer as a tool suite designed for targeting closed networks. The infected systems will form a covert network, and the attacker will be able to obtain information and execute arbitrary files. According to the user guide [PDF], the software consists of four specific applications. Shattered Assurance is the server-side code that forms the basis of the attack system and infects USB drives plugged into an infected computer with the Drifting Deadline malware.

Microsoft said the vulnerabilities used by these exploits have already been patched in supported versions of Windows, but when this was done is still unclear. The company this month patched an LNK remote code execution flaw (CVE-2017-8464) that has been actively exploited, but no information has been provided on these attacks.

WikiLeaks has been publishing CIA files, which are part of a leak dubbed “Vault 7,” nearly every week since March 23. There’s nothing too surprising about the Brutal Kangaroo suite, or most of the other documents WikiLeaks is releasing as part of its Vault 7 archive. The software described is all something one would expect an intelligence agency to use.

Post Author: Churchill Aribodor

Churchill Aribodor is a management system consultant, trainer, auditor and blogger. He is passionate about cybersecurity and devotes a lot of time to raising awareness of a secure cyberspace for the good of all. He has consulted, audited and trained professionals in this area. He is a rounded ICT expert covering people, process and technology. He can be reached through arihills@hotmail.com
