WikiLeaks Vault 7: CIA's Malware Could Hack Unconnected PCs via USB

Last updated: July 5, 2023

The latest Vault 7 documents released by WikiLeaks disclose the techniques the CIA is using to infect so-called “air-gapped” PCs. They expose malware that uses a USB stick to target computers that are not connected to the internet.

These hacking methods, exposed by Julian Assange’s WikiLeaks on Thursday, rely on vulnerabilities similar to those used in the Stuxnet attacks. Those attacks, planned by the US and Israel to infect nuclear plants in Iran, also used thumb drives to reach critical systems.

The “Brutal Kangaroo” leak from the CIA information office, published by WikiLeaks, includes an array of manuals. A user guide released in February 2016 gives an overview of these attacks and shows the workings of the “Drifting Deadline” malware, which is part of the Brutal Kangaroo suite. This malware is designed to first infect a PC and then any thumb drive plugged into it. Whenever the victim moves this USB stick to a non-connected (air-gapped) computer, the infection spreads to that machine.

Finally, the software named Shadow could “create a custom covert network within the target closed network,” which the CIA could use to carry out further attacks and tracking activities.