WikiLeaks Dump Reveals CIA Malware That Can Sabotage User Software (bleepingcomputer.com)
An anonymous reader writes: "While the world was busy dealing with the WannaCry ransomware outbreak, last Friday, about the time when we were first seeing a surge in WannaCry attacks, WikiLeaks dumped new files part of the Vault 7 series," reports BleepingComputer. This time, the organization dumped user manuals for two hacking tools named AfterMidnight and Assassin. Both are malware frameworks, but of the two, the most interesting is AfterMidnight -- a backdoor trojan for stealing data from infected PCs. According to its leaked manual, AfterMidnight contains a module to "subvert" user software by killing processes and delaying the execution of user software. Examples in this manual show CIA operatives how to kill browsers every 30 seconds to keep targets focused on their work, how to delay the execution of PowerPoint software by 30 seconds just to mess with their targets, or how to lock up 50% of PC resources whenever the user starts certain software. Basically, the CIA created nagware.
Do you not think the other agencies don't have access to such tools and information already? Exploits are sold and distributed in the darkweb on a daily basis, you can even these days buy malware as a service. It's a highly advanced, highly lucrative industry with professionals at work on all sides. And not all the players are state actors, plenty of them have commercial interests in mind and these people don't care who's buying.
Now, someone else said it well in a recent story about WannaCry: the lesson of this story is not just 'guard your weapons better' but also 'make better armor'.
Putting these exploits out there allows for people to defend themselves against them. Following the mentality of "well let's just not tell anyone of this exploit we found and no $BAD GUYS will ever find it" is arrogant and stupid because there are billions of dollars involved in the industry of seeking out and taking advantage of these exploits. There are millions of people across the planet right now working for criminal enterprises whose day-to-day job it is to seek these security holes out, with or without sites like WikiLeaks.
I personally think the whole tactic of not informing companies of serious security flaws in their products in the hopes of one day being able to use said exploits to target $BAD GUYS, is incredibly stupid and shortsighted because it simultaneously puts EVERYONE running these systems in the US/west at risk of being attacked by whoever else has found the same exploit. It's literally the same as finding out a vaccine for a deadly virus but trying to keep it a secret in case one day you decide to start full-scale biological war against $BAD GUYS; if your population is not vaccinated and is hit first by the enemy, you're fucked. The risk-reward ratio is absurd.
But then again, I'm not American, so that must mean I'm the enemy, right?
"It is the business of the future to be dangerous" -Alfred North Whitehead
What you should ask instead is why no one seems to leak such information to Wikileaks. It's not Wikileaks that hunts down and finds this information, it's sent to them. If you leak Russian secrets to them I'm quite sure that they would distribute them because it's not like the Internet is full of "I leaked Russian data to Wikileaks but they never released them" either.