
Smokey's Security Forums


Topic: New WikiLeaks Dump Uncovers CIA Malware Infecting Windows Boot Sector


Quizmaster (Topic starter)

New WikiLeaks Dump Uncovers CIA Malware Infecting Windows Boot Sector
31 August 2017, 1:28 pm

WikiLeaks has just revealed another secret CIA project used to compromise Windows systems, this time targeting the operating system boot sector to then allow for deploying more payloads.

Codenamed project Angelfire, the hacking tools were aimed at Windows XP and Windows 7 and consisted of 5 different tools that worked together to compromise a system.

First of all, it’s Solartime, a malware component whose primary goal is to modify the boot sector to load a second module called Wolfcreek, which consists of a set of drivers that enable dumping other payloads like drivers and applications.

A third component is called Keystone and was specifically deployed by the CIA because it allowed agents to deploy additional malware on the infected systems, while the fourth is called BadMFS and represented a file system storing all the other components encrypted and obfuscated.

And the last one is Windows Transitory File System, which WikiLeaks says was designed as an alternative... (read more)

Source: Softpedia News / Security

