WikiLeaks Dump Reveals CIA Malware That Can Sabotage User Software (bleepingcomputer.com)
An anonymous reader writes: "While the world was busy dealing with the WannaCry ransomware outbreak, last Friday, about the time when we were first seeing a surge in WannaCry attacks, WikiLeaks dumped new files part of the Vault 7 series," reports BleepingComputer. This time, the organization dumped user manuals for two hacking tools named AfterMidnight and Assassin. Both are malware frameworks, but of the two, the most interesting is AfterMidnight -- a backdoor trojan for stealing data from infected PCs. According to its leaked manual, AfterMidnight contains a module to "subvert" user software by killing processes and delaying the execution of user software. Examples in this manual show CIA operatives how to kill browsers every 30 seconds to keep targets focused on their work, how to delay the execution of PowerPoint software with 30 seconds just to mess with their targets, or how to lock up 50% of PC resources whenever the user starts certain software. Basically, the CIA created nagware.
how to lock up 50% of PC resources whenever the user starts certain software
Isn't that just windows updates?
browser crashing and office application slowness is so common, how can you identify when it is caused by NSA tools ?
You are the Enemy.
now they know where you are.
HAND
to kill browsers every 30 seconds to keep targets focused on their work
As a web programmer, I need tons of documentation that is mainly available on-line. If I got the CIA's luddite infection, I couldn't deliver much useful
Nae king! Nae laird! Nae yurrupiean pressedent! We willna be fooled again!
...that Wikileaks never seems to publish any russian or chinese state cyber security leaks. Now either security is particularly bad in the US security services compared to russia and china, which means information is easy to get hold of, or someone in wikileaks has a rather anti-US agenda. I know which I'd lay money on.
Trump did something monumentally stupid and people found out about it yesterday, better create a diversion!
Is TRUMP beating O.J. in causing the most lost productivity ever?
If you think, yes, hell yes, vote yes.
If you think, no, nothing beats O.J. in lost productivity, vote no.
Vigilante hackers to shut down wikileaks? Some kind of a verbal oxymoron?
Powerpoint gets delayed 30 secs... and so on.
Isn't that just standard Windows "user experience" anyway?
Do you not think the other agencies don't have access to such tools and information already? Exploits are sold and distributed in the darkweb on a daily basis, you can even these days buy malware as a service. It's a highly advanced, highly lucrative industry with professionals at work on all sides. And not all the players are state actors, plenty of them have commercial interests in mind and these people don't care who's buying.
Now, someone else said it well in a recent story about WannaCry: the lesson of this story is not just 'guard your weapons better' but also 'make better armor'
Putting these exploits out there allows for people to defend themselves against them. Following the mentality of 'well let's just not tell anyone of this exploit we found and no $BAD GUYS will ever find it' is arrogant and stupid because there are billions of dollars involved in the industry of seeking out and taking advantage of these exploits. There are millions of people across the planet right now working for criminal enterprises whose day-to-day job it is to seek these security holes out, with or without sites like WikiLeaks.
I personally think the whole tactic of not informing companies of serious security flaws in their products in the hopes of one day being able to use said exploits to target $BAD GUYS, is incredibly stupid and shortsighted because it simultaneously puts EVERYONE running these systems in the US/west at risk of being attacked by whoever else has found the same exploit. It's literally the same as finding out a vaccine for a deadly virus but trying to keep it a secret in case one day you decide to start full-scale biological war against $BAD GUYS; if your population is not vaccinated and is hit first by the enemy, you're fucked. The risk-reward ratio is absurd.
But then again, I'm not american, so that must mean I'm the enemy, right?
"It is the business of the future to be dangerous" -Alfred North Whitehead
Now explain for us all how leaking classified (or non-classified, in this case) info to Wikileaks is any different than leaking it to the New York Times.
Idiots like you are the biggest threat to humanity right now. If you would just Darwin yourself out...
If you feel left out, you can simply install some anti-virus software.
I thought Windows was just like that by default - little did I know I was being hacked by the CIA. I'll be more careful in future ;-)
Anyone else a bit disappointed by the sophistication of the tools & docs wikileaks are releasing?
If this is the extent of the CIA's super-impressive cyber capabilities, then the tax payers probably deserve a refund.
The difficult/expensive bit are the zero day exploits & getting nefarious/nagging code onto a target system & running with sufficient privileges.
Finding a hole in an EOL OS like windows XP or social engineering someone to install something that kills powerpoint every 30 seconds probably isn't worth the millions (billions?) of dollars thrown into these programs by the government.
Maybe I've just seen too many spy movies, but I kind of expected something a bit more exotic.
Is this why WoW gets slower with every release?
Wouldn't it be wonderful if executable files needed an "executable flag" to be set before they can execute rather than just rely on the file extension? That way, when you download that invoice.pdf.exe from your email you'll get a "permission denied" dialog instead of a "give me all your money" dialog.
So they are passing out weapons now. Lots of international law about that. Most of it very nasty.
Yeah people like you would rather have fake news that has been sanitized for your protection. All wikileaks does is report stuff. Don't blame them for being the messenger. You want to shoot someone, shoot the guy in charge of internal security at the CIA/NSA or wherever these "tools" get stolen from. And shoot the guy at Microsoft who knew about all these vulnerabilities years ago and decided to sit on his hands.
But I'm wasting my breath - your statement proves you are incapable of dealing with the real world.
Nobody leaks classified info to the New York Times they just make up the stories. Like the latest one about Assad burning people alive in a crematorium. That's the difference.
Seven puppies were harmed during the making of this post.
I would assume the worst, totally wipe windows off the drive, do a clean install without allowing windows internet access, reboot my dual boot system to Linux and then wait for the shitstorm to subside and then maybe boot up windows for offline only purposes and use Linux for a general purpose internet access OS
Politics is Treachery, Religion is Brainwashing
To all those who keep looking forward to the year of Linux in the desktop - don't. The status quo is excellent. You can run Linux in the desktop without any problems and without much effort, if you want to, to do just about everything that you need and want. As long as Windows maintains its stranglehold, the bad guys and three letter government agencies world over will focus their efforts on Windows, leaving Linux desktops alone. The time has come to understand that the dominance of Windows in the desktop is a blessing to those of us who wish to run Linux in the desktop. We do not want for Linux to rule in the desktop, we want for Windows to carry on taking the heat. Fortunately, the asinine efforts behind Gnome and KDE (and the fading Unity) almost guarantee that Windows will remain the desktop of choice for the masses. And that is a very good thing for the rest of us.
I'm not sure about other readers, but one of the things I've noticed is that as time passes, so more and more potentially useful software becomes "chatty" - in other words software that we'd normally trust to do "what it says on the tin" and nothing else has suddenly sprouted a great deal of extra activity.
This makes it much harder to spot suspicious activity on "ordinary" machines.
Now, we have to accept that there is a great deal of "free" software available today (firewall software like ZoneAlarm, anti-virus software like AVG) which offer both free and paid-for versions, but for which the free-to-use editions "phone home" an extraordinary amount of data about your PC. You get what you pay for.
But when your OS is the worst offender, (W10), when your video driver maintains a running commentary (nVidia), when almost any piece of software on your computer believes that it has the need or right to "phone home", it becomes orders of magnitude more difficult to understand when something suspicious might be happening with your computer. I recently had to re-install a Windows 10 machine for a friend of mine; after applying a 3rd-party firewall utility and configuring it to block all outbound traffic until it had been positively vetted, I was absolutely stunned by the number of different packages that claimed the need to "phone home".
I am sure there are many legitimate reasons for this to happen [such as checking for updates]. However, the current state of affairs seems to be stacking the odds against the average user. It's a bit like the tic-tac-toe ending to Wargames: the only way to avoid losing is to not play the game... and the only way to avoid having your PC pwned is to not have a PC in the first place.
OK, that's a [small] exaggeration. But it illustrates the point. #Depressing.
This could also be yet another "look over here, pay no attention to the man behind the curtain" scenario. Do not fool yourself, all of the world's intelligence communities have been doing this for decades of influencing the masses with carefully orchestrated information dumps. Because they know most people prefer the ignorance is bliss mentality. I bet you still consider the DNC staffer was the victim of a botched robbery, right?
All of this is the classical "Divide and Conquer" rules of war that has been going on for centuries. They have successfully implemented the first phase by dividing the country in half. What would the next step be?
More importantly, who is the they in the equation?
Funny that nobody hears from L0pht anymore. It is as if a secret organization hired them for their technical prowess.
Can't Microsoft sue for infringement about selling malware that can sabotage user software?
I'm confused, Russia hacked our election, put a puppet in the Whitehouse, who's sharing secret intelligence with Russia.... AND LIKELY WAS THE SOURCE of the names of those people Russia arrested for treason. Since they were arrested shortly after he got access to the unredacted pee memo, complete with the names of the Russian intelligence agents working for the US, that verified the contents of the memos.
Bad guys? Good guys? It's all a fucking blur. It's good that you defined it as a variable since it's so easily changed!
Any backdoor the NSA has, Trump will hand them to his Russian puppet master soon enough. He sold out the spies, and the tools are nothing compared to that.
So next election, expect the Russians to have access to all the 5 eyes secrets on every politician courtesy of their puppet.
This is the best description of Microsoft Windows I have seen in print, to date.
It also provides excellent context for the creation and promotion of systemd.
"Flyin' in just a sweet place,
Never been known to fail..."
The Russians are looking to own both the left and the right.
Heads they win, tails we lose.
Jill Stein travelled to Russia in 2015, and we still don't know who paid for that trip or why (and she's keeping mighty quiet).
It's probable that Russia helped amplify Bernie Sanders' message to disrupt Hillary's primary run (though it is equally clear that Bernie himself did not know this or collaborate, unlike Trump).
It is certain that they will mess with our primaries, and the 2020 presidential campaign (as well as congressional race in 2018), and equally clear that we'll have our heads up our asses still, and be unable to prevent or counter any of it. One party is actively trying to slow-walk and even block investigations, not to mention provide political cover, for our Traitor in Chief, so our ability to learn and act on these events is severely diminished, and if this continues, our democracy is very unlikely to survive the next election cycle.
So yeah, it's hard to tell the good guys from the bad guys sometimes, and thanks to the outcome of this election, and the craven behavior of our congressional "leaders," it's only going to get worse. Much worse.
No wonder posting on /. takes 30 seconds longer today.
... this raises the possibility that Windows might actually be a functional and performant piece of work, one that has been unfairly maligned over the years due to the CIA's actions!
Seriously. What did they do? Specifically.
Microsoft delays Powerpoint for a minute so that you buy their dead (market share) cellphones and the mobile version of Powerpoint.
It doesn't boot slowly because it's badly programmed.
They spend all the money in security. They don't spend much money in offensive hacking.
This is why the US elections can never be hacked like the French elections.
What if a high-ranking official opens a Powerpoint virus? It's going to be delayed for 30 seconds so that the antivirus can scan the file 5 times.
How is it that no other spy agency has ever had a leak? Are we to believe that the USA is the only country doing this?
That's not nagware. Stop with the self-righteous software vigilantism.
Children.
deleting the extra space after periods so i can stay relevant, yeah.
For as much as I am not a MS supporter, been working with Linux since 1994, I am getting fed up with wikileaks attempts to continue to get notoriety posting vulnerabilities previously not disclosed by the intelligence community (not a real fan of them agencies either). It seems the urge of disclosing information obtained obscurely outweighs the actual detrimental effect it may have (i.e. NHS in the UK as the result of Wcry). How much is privacy worth compared to the price we all pay? I assume most of us are impervious to the nefarious effects of the malware, but what about the people that are vulnerable due to their technological illiteracy? I think of my mom's computer for example. When is too much enough? Do we really have that many secrets to hide? Should that lead us to think more about our habits rather than those who observe us?
Really? What electoral colleges? How about the Commercial action on the election? I surely hope you have very good Security practices, and are not famous enough to get the Russian attention. Man... I don't aprovecharíamos what Hillary did... But I am not valid enough to see how far this goes... Like people say around here.... Bless your heart.
It is for me. Win8.1. It uses about 35% of the CPU time when running in the background. When I stop the process, it drops to nothing. Then after a few seconds, the WU process restarts, and CPU usage goes right back up. I had to force it to not start at all. Unfortunately then I can't update Win Defender, it doesn't work. Well except for about once a week, when it decides that it is out of date, and I can tell it to update then and it works. WTF?
WSUS Offline didn't work.
Autopatcher runs, but always silently fails.