WikiLeaks has revealed new tools that the CIA is allegedly using in its cyber-business operations. New tools can stop tracking cameras for service agents to perform their missions without being recorded on video.
A set of tools called Dumbo can not only block cameras, microphones, and surveillance software, but it can detect audio and video recordings and destroy files in a way that does not allow them to be recovered.
The manuals published by WikiLeaks were last updated in June of 2015 and reveal that Dumbo is in the 3.0 version, offering support for all versions of Windows that are available on the market, starting with Windows XP, although the versions of the 64 bits of this particular release are not supported.
"Dumbo is a possibility of suspending processes that use webcams and destroying any video recordings that could jeopardize the development of PAG. PAG (Physical Access Group) is a special unit in the CCI (Center for Cyber Intelligence). "His job is to gain physical access to target computers in CIA operations," WikiLeaks reports.
What is important to note is that compared to other malicious tools the CIA uses, Dumbo requires physical access to the victim's computer as the application is contained on a USB stick that should be connected to the machine.
Administrator rights are required not to be detected by security software, although from previous WikiLeaks revelations we learned that getting root privileges is something the information service can easily do.
Once introduced into a system, Dumbo offers tools to shut down all connected monitors and software, but also looks for additional devices that are part of the network. It searches for specific processes and records, offering access even to deleted files but left traces.
If the deactivation of the surveillance system does not work, CIA agents can cause BSOD to connect to the Windows system. So with the offline system surveillance cameras are useless.
Please be reminded that Wikileaks is releasing documents in the Vault 7 series from 7 2017 March, expounding more and more Coca-Cola tools.
Year Zero: CIA exploits popular hardware and software.
Weeping Angel: the spy tool that the service uses to penetrate smart TVs, turning them into disguised microphones.
Dark Matter: exploits targeting iPhones and Mac.
Marble: the source code of a secret anti-forensic framework. It is basically a obfuscator that CIA uses to hide the real source of malware.
Grasshopper: a framework that allows the information service to easily create custom malicious software to violate Microsoft Windows and bypass any virus protection.
Archimedes: a MitM attack tool allegedly created by the CIA for targeting computers within a local area network (LAN).
Scribbles: a software that is designed to add 'web beacons' to secret documents to allow for leakage control by secret services.
Athena:is designed to fully acquire full control over infected Windows computers, allowing the CIA to perform many functions on the target machine, such as deleting data or installing malicious software, data theft, and sending them to CIA servers.
CherryBlossom: a tool that tracks the online activity of a target, redirects the browser, crawls e-mail addresses and phone numbers, and more through the router.
Brutal Kangaroo:tool that can be used to infect air-gapped computers with malware.
ELSA: Windows malware used by the CIA to identify the location of a particular user using his computer's Wi-Fi.
OutlawCountry: Linux malware that the CIA uses to determine the location of a particular user using its computer's Wi-Fi.
BothanSpy - Gyrfalcon: for SSH authentication theft from Windows and Linux respectively
HighRise: the CIA tool for tracking and redirecting SMS messages to a remote server.
Achilles, Aeris and SeaPea: malicious spyware and data transfer software from MacOS and Linux
Dumbo: blocks cameras, microphones, and surveillance software.