WikiLeaks Exposes Three CIA Hacking Tools: Achilles, Aeris, SeaPea


The WikiLeaks website has published more new content from the US intelligence agency's "Vault 7" secret files, exposing three tools that US government intelligence agencies have long used to monitor users of macOS and Linux systems. The three malware or backdoor tools, Achilles, Aeris and SeaPea, belong to a project called Imperial and are aimed primarily at computers running OS X and Linux systems.

The first tool, called Achilles, allows an attacker to trojanize OS X disk image (DMG) installers: CIA staff can bundle a legitimate Mac OS application with malicious Trojans into a DMG file. The tool's shell script is written in Bash and provides one-time execution of one or more executables specified by the operator.

The second tool, called Aeris, is an automated implant written in C that is specifically designed to plant backdoors on Linux systems (Debian, CentOS, Red Hat, FreeBSD, and Solaris).

With Aeris, CIA staff can apply different concealment measures to different computers for different purposes.
Aeris supports automated file exfiltration, which attackers often use to steal information from a compromised device over a TLS-encrypted channel.

This tool affects the following systems:

(I386) Solaris 11 (i386) Solaris 11 (i386) FreeBSD 8 (i386) FreeBSD 8 (i386) FreeBSD 8 (i386) FreeBSD 8 (i386) 8 (amd64) CentOS 5.3 (i386) CentOS 5.7 (i386)

The third tool, called SeaPea, is an OS X rootkit that allows CIA staff to hide important files, directories, processes, and socket connections from users, and to install tools secretly so they can access computers without the user's knowledge. SeaPea was already mentioned in the DarkSeaSkies material that WikiLeaks disclosed in March of this year.

The tool was also developed in 2011 and can run on the latest version of Mac OS X 10.6 (Snow Leopard), with a 32-bit or 64-bit compatible kernel, and on Mac OS X 10.7 (Lion).