
WikiLeaks Has Exposed More CIA-Developed Malware [Achilles, Aeris, SeaPea]


WikiLeaks has been exposing CIA-developed hacking tools on a regular basis since early 2017. These leaks are part of the Vault 7 leaks, which have revealed tons of hacking tools that target different operating systems through different attack vectors. In this series, WikiLeaks has exposed the CIA’s Imperial project.
The Imperial project contains information regarding these hacking tools. While Achilles and SeaPea target Apple’s macOS operating system, Aeris targets Linux-based systems.
Here is a look at these Linux and macOS hacking tools one by one:

Aeris 2.1

Aeris, named after Final Fantasy VII’s Aeris Gainsborough, is an implant designed to infect Linux-based systems. It’s an automated implant written in C that supports numerous POSIX-based systems. The supported platforms are:
  • Debian Linux 7 (i386)
  • Debian Linux 7 (amd64)
  • Debian Linux 7 (ARM)
  • Red Hat Enterprise Linux 6 (i386)
  • Red Hat Enterprise Linux 6 (amd64)
  • Solaris 11 (i386)
  • Solaris 11 (SPARC)
  • FreeBSD 8 (i386)
  • FreeBSD 8 (amd64)
  • CentOS 5.3 (i386)
  • CentOS 5.7 (i386)
The highlighted features of Aeris are a configurable beacon interval, standalone HTTPS LS support, SMTP protocol support, TLS-encrypted communications, automated file exfiltration, structured C&C, and compatibility with the NOD cryptographic specification.
The Aeris Linux malware is distributed with a set of Python utilities, with one binary per platform listed above.
Find detailed information: Aeris

Achilles 1.0

The Achilles malware can inject trojans into a macOS installer, i.e., a DMG file, for a one-time execution.
Achilles has been tested on Intel processors running OS X 10.6. The brief instruction manual for Achilles states that the malicious DMG file should behave like the original DMG file. After the user runs the infected file, the payload is installed and later removed. This way, the malware tries to erase its footprints and avoid suspicion.
Find Achilles user guide: Achilles

SeaPea 4.0

SeaPea is a macOS toolkit that comes with stealth and tool-launching features. It’s also able to hide files, socket connections, and processes on the infected systems. The CIA has tested the SeaPea malware on the OS X 10.6 and 10.7 operating systems.
The SeaPea toolkit operates by assigning processes to one of 3 different categories: Normal, Elite, and Super-Elite. All the commands in SeaPea are run as an Elite process.
Find SeaPea user guide: SeaPea
