MalwareTips Bot

WikiLeaks has just revealed another secret CIA project used to compromise Windows systems, this time targeting the operating system boot sector to then allow for deploying more payloads.

Codenamed project Angelfire, the hacking tools were aimed at Windows XP and Windows 7 and consisted of 5 different tools that worked together to compromise a system.

The first is Solartime, a malware component whose primary goal is to modify the boot sector to load a second module, called Wolfcreek, which consists of a set of drivers that enable dumping other payloads like drivers and applications.

A third component is called Keystone and was specifically deployed by the CIA because it allowed agents to deploy additional malware on the infected systems, while the fourth is called BadMFS and represented a file system storing all the other components encrypted and obfuscated.

And the last one is Windows Transitory File System, which WikiLeaks says was designed as an alternative... (read more)

Read more: New WikiLeaks Dump Uncovers CIA Malware Infecting Windows Boot Sector
 