Vault 7 has opened once again, with new revelations about alleged CIA hacking tools that target Wi-Fi-enabled devices and Linux operating systems. Let’s start from yesterday’s dump.
According to Wired, WikiLeaks dumped new projects to the public: ‘ELSA’ and ‘OutlawCountry,’ allegedly showing two CIA backdoors.
ELSA, published by WikiLeaks on Wednesday, utilizes geo-location malware to scan laptop devices with Wi-Fi-enabled hardware.
Upon scanning, the malware collects remote data about the laptop without the use of an internet connection.
If online, however, the malware allegedly uses Microsoft or Google databases to pinpoint the exact location of the device, both longitude and latitude, and also records a timestamp.
From there on, the data does not go straight to a CIA back-end; instead, another exploit is used to retrieve the log files, WikiLeaks claims.
ELSA reportedly dates back to 2013 — creepy, right?
The following day, on Thursday, WikiLeaks decided to dump more docs from its Vault 7. This time around, the malware exploit allegedly targets Linux operating systems.
The project, titled OutlawCountry, is used to redirect “outbound network traffic on the target computer to CIA controlled machines for ex- and infiltration purposes,” WikiLeaks says.
“The malware consists of a kernel module that creates a hidden netfilter table on a Linux target; with knowledge of the table name, an operator can create rules that take precedence over existing netfilter/iptables rules and are concealed from a user or even system administrator.”
Alex McGeorge, a security firm expert, remains the only person to confirm these allegations. “This technique has been done and known about for a long time,” McGeorge said.
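For administrators who want to check a Linux host for a netfilter table they did not create, the following added example (not code from this article or from the WikiLeaks documents) lists the registered tables and flags any that the stock iptables modules do not account for. It assumes the kernel still reports every registered table in /proc/net/ip_tables_names, which a module that also tampers with procfs would defeat; the table name and module lines in the sample are constructed.

```python
"""Audit netfilter tables: report any the stock iptables modules don't explain."""
import sys

# Tables that the stock Linux iptables modules register.
STANDARD_TABLES = {"filter", "nat", "mangle", "raw", "security"}

# Constructed sample data, not taken from any real host or from the leak.
SAMPLE_NAMES = "filter\nnat\nexample_hidden_tbl\nmangle\n"
SAMPLE_MODULES = (
    "iptable_filter 16384 1 - Live 0x0000000000000000\n"
    "iptable_nat 16384 1 - Live 0x0000000000000000\n"
    "ip_tables 32768 2 iptable_filter,iptable_nat, Live 0x0000000000000000\n"
)


def audit_tables(names_text, modules_text):
    """Return (table, severity, reason) for each table that needs a look."""
    tables = [ln.strip() for ln in names_text.splitlines() if ln.strip()]
    modules = {ln.split()[0] for ln in modules_text.splitlines() if ln.strip()}
    findings = []
    for table in tables:
        if table not in STANDARD_TABLES:
            findings.append((table, "high", "not a stock iptables table"))
        elif "iptable_" + table not in modules:
            # Normal on kernels with the table compiled in, so only a note.
            findings.append((table, "info", "no iptable_%s module loaded" % table))
    return findings


def read_proc(path):
    """Read a procfs file; None if it is absent or unreadable (needs root)."""
    try:
        with open(path) as fh:
            return fh.read()
    except OSError:
        return None


if __name__ == "__main__":
    names = read_proc("/proc/net/ip_tables_names")
    modules = read_proc("/proc/modules")
    if names is None or modules is None:
        print("procfs not readable here; auditing the constructed sample")
        names, modules = SAMPLE_NAMES, SAMPLE_MODULES
    results = audit_tables(names, modules)
    for table, severity, reason in results:
        print("[%s] table %r: %s" % (severity, table, reason))
    sys.exit(1 if any(sev == "high" for _, sev, _ in results) else 0)
```

Run it as root on the host being checked; a "high" finding is a table name to investigate, not proof of compromise, since other software can register its own tables.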