Sunday, July 14, 2024
-Advertisement-
Digital Senate
Digital Senate
Digital Senate
Digital Senate
HomeNewsCyber SecurityWikiLeaks Vault 7: CIA used Angelfire framework to infect Windows XP, Windows 7 to spy

WikiLeaks Vault 7: CIA used Angelfire framework to infect Windows XP, Windows 7 to spy

Follow Tech Observer on Google News

Wikileaks has published set of files dubbed “Angelfire” as a part of their Vault 7 project. The leak reveals a framework used by the CIA to infect machines using older versions of Windows operating systems, Windows XP or Windows 7.

Google News

Wikileaks has published set of files dubbed “Angelfire” as a part of their Vault 7 project. The leak reveals a framework used by the to infect machines using older versions of Windows operating systems, Windows XP or Windows 7. Indian organisations may be endangered due to high usage of old Windows OS.

Angelfire is a set of 5 tools named as Solartime, Wolfcreek, Keystone, BadMFS, and the Windows Transitory File system. SolarTime modifies the partition boot sector (The place in a hard drive that tells your computer where the operating system files are and how to execute them) of the system allowing CIA to inject code in even before the operating system boots up. This injected code further modifies the Windows processes which gives the CIA access to the hard drive every time a system starts up.

Wolfcreek is the injected code that is executed by Solartime. It is a self-loading master process that can be further used by the CIA to modify the machine's processes and applications. Keystone is the framework that is used to load malicious code on the targeted systems without getting it anywhere near an antivirus solution. It injects the code can directly on the memory without even touching the file system making it completely untraceable.

BadMFS keeps a log of every malicious implant, drivers or executables activated by WolfCreek. Windows Transitory System is used by CIA to create files for specific actions including installation, adding files to Angelfire or removing files from Angelfire.

Get the day's headlines from Tech Observer straight in your inbox

By subscribing you agree to our Privacy Policy, T&C and consent to receive newsletters and other important communications.
Tech Observer Desk
Tech Observer Desk
Tech Observer Desk at TechObserver.in is a team of technology reporters led by a senior editor who brings latest updates and developments from the world of technology.
- Advertisement -
Bitcoin 2024
Bitcoin 2024
Bitcoin 2024
Bitcoin 2024
- Advertisement -Digital Senate
- Advertisement -Education Sabha
- Advertisement -Bitcoin 2024
- Advertisement -ESDS SAP Hana

Subscribe to our Newsletter

83000+ Industry Leaders read it everyday

By subscribing you agree to our Privacy Policy, T&C and consent to receive newsletters and other important communications.
- Advertisement -

Oppo launches AI-loaded Reno 12 series with Sony sensor 50MP camera

Oppo Reno 12 series which includes the Reno 12 5G and Reno 12 Pro 5G, promises a blend of cutting-edge AI features, robust durability and sleek aesthetics, said a senior executive.

RELATED ARTICLES