Saturday, May 25, 2024

WikiLeaks Vault 7: CIA used Angelfire framework to infect Windows XP, Windows 7 to spy

WikiLeaks has published a set of files dubbed “Angelfire” as part of its Vault 7 project. The leak reveals a framework used by the CIA to infect machines running older versions of the Windows operating system, Windows XP or Windows 7.

Indian organisations may be at risk because of their high usage of old Windows versions.

Angelfire is a set of 5 tools: Solartime, Wolfcreek, Keystone, BadMFS, and the Windows Transitory File system. Solartime modifies the partition boot sector (the place on a hard drive that tells your computer where the operating system files are and how to execute them), allowing the CIA to inject code even before the operating system boots up. This injected code then modifies Windows processes, which gives the CIA access to the hard drive every time the system starts up.

Wolfcreek is the injected code that is executed by Solartime. It is a self-loading master process that the CIA can use to modify the machine's processes and applications. Keystone is the framework used to load malicious code on targeted systems without getting it anywhere near an antivirus solution. It injects the code directly into memory without touching the file system, making it completely untraceable.

BadMFS keeps a log of every malicious implant, driver or executable activated by Wolfcreek. The Windows Transitory File system is used by the CIA to create files for specific actions, including installation, adding files to Angelfire or removing files from Angelfire.
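
Because Solartime is described above as modifying the partition boot sector, a defender can record a known-good copy of that sector and check later reads for drift. The following is an added example, not part of the original article or of the leaked material. It assumes the standard NTFS boot-sector offsets, uses constructed sample sectors and hypothetical function names, and, since the page does not say which bytes Solartime changes, simply flags any difference.

```python
import hashlib
import struct

SECTOR_SIZE = 512
CODE_START, CODE_END = 0x54, 0x1FE  # NTFS bootstrap code area in sector 0


def parse_vbr(sector: bytes) -> dict:
    """Split the first sector of an NTFS volume into fields worth baselining."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected exactly one 512-byte sector")
    if sector[0x1FE:0x200] != b"\x55\xaa":
        raise ValueError("missing 0x55AA end-of-sector signature")
    (bytes_per_sector,) = struct.unpack_from("<H", sector, 0x0B)
    return {
        "jump": sector[0:3].hex(),
        "oem_id": sector[3:11].decode("ascii", "replace"),
        "bytes_per_sector": bytes_per_sector,
        "code_sha256": hashlib.sha256(sector[CODE_START:CODE_END]).hexdigest(),
    }


def drift(baseline: dict, current: dict) -> list:
    """Return the names of fields that differ from the recorded baseline."""
    return sorted(k for k in baseline if baseline[k] != current.get(k))


def make_sample(code_fill: int) -> bytes:
    """Constructed sample sector for the demo (not a real Windows boot sector)."""
    s = bytearray(SECTOR_SIZE)
    s[0:3] = b"\xeb\x52\x90"            # jump over the BPB to offset 0x54
    s[3:11] = b"NTFS    "               # OEM ID
    struct.pack_into("<H", s, 0x0B, 512)
    s[CODE_START:CODE_END] = bytes([code_fill]) * (CODE_END - CODE_START)
    s[0x1FE:0x200] = b"\x55\xaa"
    return bytes(s)


if __name__ == "__main__":
    known_good = parse_vbr(make_sample(0x90))
    print("unchanged:", drift(known_good, parse_vbr(make_sample(0x90))))
    print("altered:  ", drift(known_good, parse_vbr(make_sample(0xCC))))
```

Feed it a sector read offline, for example from a forensic image, because code that runs before the operating system boots can influence what a live system reports about its own disk.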

Tech Observer Desk
Tech Observer Desk at TechObserver.in is a team of technology reporters led by a senior editor who brings latest updates and developments from the world of technology.