[conspire] (forw) Re: [OCLUG] Linux a Target For Spooks
Rick Moen
rick at linuxmafia.com
Wed Mar 8 12:19:35 PST 2017
----- Forwarded message from Rick Moen <rick at linuxmafia.com> -----
Date: Wed, 8 Mar 2017 09:22:05 -0800
From: Rick Moen <rick at linuxmafia.com>
To: oclug at mailman.oclug.org
Subject: Re: [OCLUG] Linux a Target For Spooks

Initial map of 'Vault 7's' source code dump:
https://wikileaks.org/ciav7p1/cms/page_22642800.html

xkcd on 'less-dramatic revelations from the CIA hacking dump':
https://xkcd.com/1808/

Stuff about a trojan kit called HIVE:
https://wikileaks.org/ciav7p1/cms/files/UsersGuide.pdf
https://wikileaks.org/ciav7p1/cms/files/DevelopersGuide.pdf

HIVE is a multi-platform CIA malware suite and its associated control
software. The project provides customizable implants for Windows,
Solaris, MikroTik (used in internet routers) and Linux platforms and a
Listening Post (LP)/Command and Control (C2) infrastructure to
communicate with these implants. The implants are configured to
communicate via HTTPS with the webserver of a cover domain; each
operation utilizing these implants has a separate cover domain and the
infrastructure can handle any number of cover domains.

(For those unclear on such matters, this doesn't _break in_ to the
target hosts in question. It's a kit to install to instrument a system
for remote control after cracking root via other means.)

Still not seeing any 'zero day' Linux attacks, etc. (But I don't have
time to dig more into these thousands of things, as I'm off to the
Caribbean for a week.)

Initial EFF comment:
https://www.eff.org/deeplinks/2017/03/hey-cia-you-held-security-flaw-information-now-its-out-thats-not-how-it-should
_______________________________________________
OCLUG mailing list -- OCLUG at mailman.oclug.org
http://mailman.oclug.org/mailman/listinfo/oclug
----- End forwarded message -----