WikiLeaks Brutal Kangaroo: CIA tools for air-gapped computers

WikiLeaks Brutal Kangaroo: WikiLeaks has published more classified CIA documents online that describe its hacking tools s. This time the software it describes is referred to as Brutal Kangaroo, and it can be used to infect air-gapped computers with malware.

Documents originated initially at 11 May 2015 and revised on 23 February next year describe the project Brutal Kangaroo, which uses infected Windows computers to spread malware on non-networked machines via USB sticks.

The CIA suite released by WikiLeaks replaces earlier agency tools called EZCheese and Emotional Simian, a kind of -weapon used by US intelligence to spread Stuxnet.

WikiLeaks Brutal Kangaroo

THN image

According to user guide [PDF], the software consists of four specific applications.

The Shattered Assurance is the server side code that forms the basis of the attack system and infects USBG disks that are connected to an infected computer with the malicious software Drifting Deadline.

Once an infected thumb drive is connected to a computer it automatically runs its contents and uses Windows 7 as . Immediately after running .Net 4.5, the Drifting Deadline it serves the Shadow malware in the system.

The Shadow malware it's a lot software – the user manual [PDF] Dates August 31, 2012 - and has two client and server versions. It is very well designed for specific purposes. The operator can configure it to collect system data up to 10% of system memory, watermark all the data it collects and store it in an encrypted partition on the hard drive of the infected computer.

Once the infection is complete, Shadow will look for other connected systems and infect them. It can be configured to put the hijacked data on any new drive installed in the system or send it somewhere if it detects an open connection on .

The latest application in Brutal Kangaroo is Broken Promise, which is a tool used for easy and fast data processing. Overall, the Brutal Kangaroo suite could be very useful in thwarting air-gapped machines that typically use corporate internal networks for greater security.

There is nothing very strange about the Brutal Kangaroo Suite released by WikiLeaks in the Vault 7 file. The software described is something we would expect to use an information service.

Please be reminded that Wikileaks released documents in the Vault 7 series from 7 March, exposing more and more Coca-Cola Hacker tools.

"Year Zero"CIA exploits popular hardware and software.
"Weeping Angel"The spying tool that the service uses to penetrate smart TVs, turning them into disguised microphones.
"Dark Matter"Exploits targeting iPhones and Mac.
"Marble"The source code of a secret anti-forensic framework. It is basically a obfuscator that CIA uses to hide the real source of malware.
"GrasshopperA framework that allows the intelligence service to easily create custom malware to infringe on Microsoft Windows and bypass any from viruses.

"Archimedes"– ένα εργαλείο επίθεσης MitM που φέρεται ότι δημιούργησε η CIΑ για τη στοχοθέτηση υπολογιστών μέσα σε ένα τοπικό (LAN).
Scribbles” a piece of software designed to add 'web beacons' to classified documents to allow intelligence to monitor leaks.
Athena:is designed to be able to gain complete control over infected Windows computers, allowing the CIA to perform many operations on the target machine, such as deleting data or installing malware; of data and sending them to CIA servers.
CherryBlossom a tool that tracks the online activity of a target, redirects the browser, crawls e-mail addresses and phone numbers, and more through the router.
Brutal Kangaroo: A tool that can be used to infect air-gapped computers with malware.

iGuRu.gr The Best Technology Site in Greecefgns

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).