WikiLeaks is at it again. This time they have published documents that reveal some of the hacking tools that the CIA uses. The latest dossier from the whistleblowers shows how the CIA has been infiltrating air-gapped computers using the Brutal Kangaroo program. Such machines hold sensitive information and are therefore physically isolated from other computers, making them incapable of connecting to unsecured networks or other computers.
In the past, technocrats have thought that air-gapped computers are the safest machines and not prone to hacking.
Individuals and organisations that work with classified materials have opted for these computers because of the maximum amount of protection they offer.
After the leaked dossier on how the Brutal Kangaroo program is able to attack such computers, that belief now looks like a myth.
How the Brutal Kangaroo program works
Since air-gapped machines are not connected to the internet, USB thumb drives and other removable devices are the only methods used to transfer data to and from the machines. The data available on the machines is copied to be viewed by the users, but only within the restrictions of a private network.
According to the CIA, Brutal Kangaroo has many components. One of its components is Shattered Assurance, a server tool that uses the Drifting Deadline malware to infect any USB drives plugged into the machine.
Drifting Deadline is simply a tool that can infect a machine when you insert a USB thumb drive. Most malware is activated by clicking on it, but with Drifting Deadline, you only have to view it in Windows Explorer for it to be passed to the machine viewing it.
The infected computer becomes the primary host, and the program uses it as an infection hub.
Any time a user inserts a USB drive into the primary host, the drive becomes infected with malware that is different from the one that infected the host computer. If the second user takes the USB thumb drive to another computer, that computer will also be infected by the second-stage malware.
There is also some good news. Several antivirus programs are able to detect the Brutal Kangaroo malware.
The list includes Bitdefender, Avira, Symantec and Rising Antivirus. Microsoft has also released security updates this month that are able to protect against the program.
More CIA hacking news yet to come from Vault 7
So far, Brutal Kangaroo is the 12th release from the Vault 7 project. The majority of the files being released are connected to cyber-attack tools that were developed or used by the CIA. The files show the CIA's capabilities in electronic surveillance and cyber warfare. Julian Assange claims that all the files being released are authentic and that he gets them from the US Central Intelligence Agency.