Wikileaks released the documentation for the Athena Spyware, a malware that could infect and remote control almost any Windows machine.
Last Friday, Wikileaks released the documentation for AfterMidnight and Assassin malware platforms, today the organization leaked a new batch of the CIA Vault 7 dump that includes the documentation related to a spyware framework dubbed Dubbed Athena /Hera.
The batch of CIA files includes a user manual of the Athena platform, an overview of the technology, and a demo on how to use the malware.
Reading the documents it is possible to discover that any Windows systems could be infected by the two spyware, Athena works for XP through Windows 10 and Hera for Windows 8 through Windows 10.
The Athena / Hera malware were used by the CIA to take remote control over the infected Windows machines remotely.
“The Athena System fulfills COG/NOD’s need for a remote beacon/loader. Table 2 shows the system components available in Athena/Hera v1.0. The target computer operating systems are Windows XP Pro SP3 32-bit (Athena only), Windows 7 32-bit/64-bit, Windows 8.1 32- bit/64-bit, Windows 2008 Enterprise Server, Windows 2012 Server, and Windows 10.” reads the system overview included in the user guide. “Ubuntu v14.04 is the validated Linux version. Apache 2.4 is the validated web server for the Listening Post.”
The Athena spyware was written in Python, is seems to be dated back August 2015, if confirmed it is worrying news because Microsoft released Windows 10 in July 2015.
Athena is the result of a joint work of CIA developers and peers at cyber security firm Siege Technologies that is specialized in offensive cyber security.
“Athena is a beacon loader developed with Siege Technologies. At the core it is a very simple implant application. It runs in user space and beacons from the srvhost process. The following diagram shows the concept of operation.” states the Athena Technology Overview.
The documents leaked by Wikileaks reveals that ability of the Athena spyware to modify its configuration in real time, customizing it to a specific operation.
“Once installed, the malware provides a beaconing capability (including configuration and task handling), the memory loading/unloading of malicious payloads for specific tasks and the delivery and retrieval of files to/from a specified directory on the target system,” WikiLeaks claims.
However, WikiLeaks has not provided any detail about the operations being conducted by the agency using Athena, but it is not hard to imagine how the intelligence agency would be using this program to spy on their targets.
Below the list of the mail dumps leaked by WikiLeaks:
- The Year Zero that revealed CIA hacking exploits for hardware and software.
- Weeping Angel spying tool to hack Samsung smart TV and use them as
- The Dark Matter dump is containing iPhone and Mac hacking exploits.
- The Marble batch focused on a framework used by the CIA to make hard the attribution of cyber attacks.
- The Grasshopper batch that reveals a framework to customize malware for breaking into Microsoft’s Windows and bypassing antivirus protection.
- The Scribbles Project for document tracking.
- Archimedes man-in-the-middle (MitM) attack tool.
- AfterMidnight and Assassin malware platforms.
WikiLeaks revealed CIA Athena Spyware, the malware that targets all Windows versions
- Thread starter ras74
- Start date
- Aug 30, 2015
- 1,928
Wiki Leaks owner should be thrown in prison, possibly even the death penalty, and the site forever removed from the internet. I don't care about his political stance but when they leak malicious programs that are currently used to hack hospitals and such it's never okay. Even when not using it at a hospital. Your playing with people's lives that way, its disgusting... Just as bad as the hackers themselves IMO.
The guy is a coward and accused of rape...only idiots will support him and take his side.
You guys know that Wikileaks is not Shadow Brokers right? Wikileaks had nothing to do with the MS17-010 and the use of it for ransomware. Also, Assange was not convicted, only accused and his case was dismissed. You can support him without supporting rape.
- Aug 30, 2015
- 1,928
True. I also agree with innocent until proven guilty. However, had his site not been acquiring some of these things this stuff probably wouldn't have happened..
He smell shady from the start. He is like Snowden, people that needs attention. In 10 years they will all be forgotten because they changed nothing. Everybody knows that intel agencies have to use "less than legal" methods, if not they won't gather anything. Instead of disclosing state secrets they should rather focus on exposing real criminals but unlike agencies those criminals will put a bullet in their heads.
- Aug 31, 2014
- 655
The filthy rat had his International Arrest Warrant dropped yesterday, but if he sets foot out of that Embassy he's been holed up in for years, he will still get arrested due to a long standing Court Order
And what makes me laugh is the releasing of hacking methods before warning the potential victims...
- Aug 31, 2014
- 655
It's an attempt to make CIA look bad I guess but it's certainly blown up for all the wrong reasons due to their ham fisted attempts at 'activism'
They just needs attention, before Snowden was a total stranger , now he give conferences, movies are made on his story and those are not for free of course...he knew he will get more money by exposing secrets...
As if they cared of their fellow citizens...gimme a break...
I wait the next Snowden or Assange movie/book.
As if they cared of their fellow citizens...gimme a break...
I wait the next Snowden or Assange movie/book.
- Nov 17, 2016
- 1,242
Probably. There's no controls as a reference.
Could be. But then we don't really have empirical evidence so we're just assuming. It then becomes a matter of perspective.
- Aug 23, 2016
- 193
Similar threads
