WikiLeaks Reveals A CIA LAN-Attacking Tool From 'Vault 7'

An anonymous reader quotes BetaNews:
WikiLeaks continues to release revealing documents from its Vault 7 cache. This time around the organization introduces us to a CIA tool called Archimedes — previously known as Fulcrum. As before, there is little to confirm whether or not the tool is still in active use — or, indeed, if it has actually ever been used — but the documentation shows how it can be installed on a LAN to perform a man-in-the-middle attack. The manual itself explains how Archimedes works: “Archimedes is used to redirect LAN traffic from a target’s computer through an attacker controlled computer before it is passed to the gateway. This enables the tool to inject a forged web server response that will redirect the target’s web browser to an arbitrary location. This technique is typically used to redirect the target to an exploitation server while providing the appearance of a normal browsing session.”

HotHardware notes that WikiLeaks “also provided the full documentation for Fulcrum, which goes into much greater detail about how the man-in-the-middle operation is conducted” — including this instruction in the guide’s “Management” section. “If you are reading this then you have successfully delivered the Fulcrum packages and provided the binaries with code execution. Hoorah! At this stage, there is not much to do other than sit back and wait.”
