Archimedes: Wikileaks added new Vault 7 documents detailing a man-in-the-middle (MitM) attack tool allegedly created by the United States Central Intelligence Agency (CIA) to tamper with local networks.
Since March, the WikiLeaks has published thousands of documents and secret tools allegedly belonging to the CIA. This latest publication is the 7 version of the Vault 7 series.
So today we will look at an unreleased CIA tool called Archimedes that was released on Friday. The hacking tool It is supposed to be used for attacks on computers within a local area network (LAN).
According to the documents leaked, this MitM tool was formerly called "Fulcrum" but later renamed "Archimedes."
Archimedes contains several improvements from the previous version, such as providing a way to “disable the tool on demand” and added “support for a new HTTP injection method based on the use of a hidden iFrame. "
Documents describe Archimedes as a tool that allows users to redirect LAN traffic from a target computer to a computer that is infected by malicious software and is controlled by the CIA before normal traffic is transferred to the gateway.
It's an attack known as man-in-the-middle (MitM).
The tool itself is very simple without great features, as there are many MitM tools available on the Internet, which can be downloaded and used to target users on a local network.
Its founder Infosec, Jake Williams, also stated that the tool was not originally developed by the CIA, and rather appears to be a repackaged version of Ettercap – an open source tool for MitM attacks.
Last week, WikiLeaks leaked the source code for a more interesting CIA tool known as “Scribbles,” software allegedly designed to embed “web beacons” in classified documents, allowing the Secret Service to locate Insider and whistleblowers.
Since March, WikiLeaks has made 7 publications in the "Vault 7" series, which include large leaks:
"Year Zero"The CIA is using popular hardware and software.
"Weeping Angel"The spying tool that the service uses to penetrate smart TVs, turning them into disguised microphones.
"Dark Matter"Exploits targeting iPhones and Mac.
"Marble"The source code of a secret anti-forensic framework. It's essentially a obfuscator that the CIA uses to hide the real source of malware.
"GrasshopperA framework that allows the intelligence service to easily create custom malware to infringe on Microsoft Windows and bypass any protection from viruses.
