WikiLeaks says CIA’s “Pandemic” turns servers into infectious Patient Zero

by
Dan Goodin
from Ars Technica - All content on (#2RHRC)
pandemic-800x464.png

Enlarge / One of the pages published Thursday in WikiLeaks' latest Vault 7 release. (credit: WikiLeaks)

WikiLeaks just published details of a purported CIA operation that turns Windows file servers into covert attack machines that surreptitiously infect computers of interest inside a targeted network.

"Pandemic," as the implant is codenamed, turns file servers into a secret carrier of whatever malware CIA operatives want to install, according to documents published Thursday by WikiLeaks. When targeted computers attempt to access a file on the compromised server, Pandemic uses a clever bait-and-switch tactic to surreptitiously deliver malicious version of the requested file. The Trojan is then executed by the targeted computers. A user manual said Pandemic takes only 15 seconds to be installed. The documents didn't describe precisely how Pandemic would get installed on a file server.

In a note accompanying Thursday's release, WikiLeaks officials wrote:

Read 7 remaining paragraphs | Comments

index?i=xhbpjXznLp4:U6n_KgsiqEI:V_sGLiPB index?i=xhbpjXznLp4:U6n_KgsiqEI:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments