Athena: WikiLeaks has released a new batch of Vault 7 leaks, which describe an eavesdropping spyware. The new CIA tool “provides remote capabilities connection and loading malware onto target computers,” and is supposedly used by the intelligence service for every version of Microsoft's operating systems, from Windows XP to Windows 10.
The spyware is designed to be able to gain complete control over the infected Windows computers, allowing the CIA to perform many functions on the target machine, such as deletion data or installing malware, stealing data and sending it to CIA servers.
The leakage includes an Athena user manual, a technology overview, and a demonstration of how to use spyware. It reveals that malicious application can have two uses:
Lady: Athena from XP to Windows 10
Secondary: Hera for Windows 8 via Windows 10
According to WikiLeaks, Athena allows CIA agents to modify their configuration in real time, while the implant can be "adapted to a function."
“Once installed, the malware provides the ability to capture, configure and manage tasks, load and unload malicious payloads into memory for specific tasks, deliver and recovery files from and specific folders on the target system”.
Leaked documents indicate that Athena, written in Python programming language, was developed in August of 2015, one month after Microsoft's Windows 10 operating system was released.
Interestingly, one document warns CIA agents to make sure that spyware is not exposed by software programs protections from viruses, such as Kaspersky AV.
Athena was developed by the CIA in collaboration with Siege Technologies - an American cyber security company that offers aggressive technologies and works closely with the United States government.
However, WikiLeaks did not give any detail on Athena's activities, although it is not difficult to imagine how the CIA would use this program.
Since March, WikiLeaks has released nine leaked articles in the "Vault 7" series:
"Year Zero"The CIA is using popular hardware and software.
"Weeping Angel"The spying tool that the service uses to penetrate smart TVs, turning them into disguised microphones.
"Dark Matter"Exploits targeting iPhones and Mac.
"Marble” the source codeof a secret anti-forensic framework. It is essentially an obfuscator used by the CIA to hide the true source of malware.
"Grasshopper"A framework that allows the information service to easily create custom malicious software to violate Microsoft Windows and bypass any virus protection.
"Archimedes"- a MitM attack tool allegedly created by the CIA for targeting computers within a local area network (LAN).
Scribbles” a piece of software designed to add 'web beacons' to classified documents to allow intelligence to monitor leaks.