icon bookmark-bicon bookmarkicon cameraicon checkicon chevron downicon chevron lefticon chevron righticon chevron upicon closeicon v-compressicon downloadicon editicon v-expandicon fbicon fileicon filtericon flag ruicon full chevron downicon full chevron lefticon full chevron righticon full chevron upicon gpicon insicon mailicon moveicon-musicicon mutedicon nomutedicon okicon v-pauseicon v-playicon searchicon shareicon sign inicon sign upicon stepbackicon stepforicon swipe downicon tagicon tagsicon tgicon trashicon twicon vkicon yticon wticon fm
1 Jun, 2017 13:28

#Vault7: CIA’s ‘Pandemic’ turns file servers into ‘Patient Zero’

#Vault7: CIA’s ‘Pandemic’ turns file servers into ‘Patient Zero’

The latest WikiLeaks ‘Vault7’ release details an alleged CIA project allowing the spy agency to give file servers the capability to infect machines which access them remotely.

‘Pandemic’ reveals the role of a persistent implant for Microsoft Windows file servers, accessed by remote machines to run programs, according to a statement from WikiLeaks. 

The project acts as a ‘Patient Zero’ – a term used to describe the first identified carrier of a communicable disease during an outbreak. 

‘Pandemic’ disguises itself on the infected source machine where the targeted files remain unchanged. 

It’s modified when in transit from the source file server to the remote machine. When executed on the new machine ‘Pandemic’ will install the program, an iteration of which will now contain modified code.

‘Pandemic’ can replace up to 20 programs, with a maximum size of 800MB. 

According to WikiLeaks “a single computer on a local network with shared drives that’s infected with the ‘Pandemic’ implant will act like a ‘Patient Zero’ in the spread of a disease.” 

The latest release, which consists of five files, does not make clear if the infected machines become new pandemic servers, although WikiLeaks claims this is technically feasible. 

According to the ‘Pandemic’ documentation its installation takes between 10 to 15 seconds. 

The release is the latest in WikiLeaks’ ‘Vault7’ series, detailing hacking techniques allegedly sourced from within the CIA. 

Previous releases have revealed techniques used to weaponize mobile phones, conduct surveillance via Smart TVs and load and execute malware on a target machine.

Podcasts
0:00
30:25
0:00
22:18