JULIAN ASSANGE'S LEAKY HOBBY SITE Wikileaks has crashed a US Central Intelligence Agency party and spilled all there is to know about a hacking toolset called Angelfire that the agency uses, but probably does not want you to know about.
The leak comes from the Wikileaks Vault 7 stuff and claims to concern a backdoor into the Windows operating system that works on Windows 7 and XP and maybe, but not definitely Windows 10.
"Angelfire is an implant comprised of five components: Solartime, Wolfcreek, Keystone (previously MagicWand), BadMFS, and the Windows Transitory File System. Like previously published CIA projects (Grasshopper and AfterMidnight) in the Vault7 series, it is a persistent framework that can load and execute custom implants on target computers running the Microsoft Windows operating system," says Wikileaks in its tell-all story.
The group then goes on to explain what each of these components do. None of which is great, and all of it can be used to create memory leaks without leaving much of a trail. The information for the Vault 7 leaks comes from a breach on the CIA, Wikileaks obtained the treasure trove of information in 2017 and has been leaking dribs and drabs out ever since.
"Solartime modifies the partition boot sector so that when Windows loads boot time device drivers, it also loads and executes the Wolfcreek implant, that once executed, can load and run other Angelfire implants. According to the documents, the loading of additional implants creates memory leaks that can be possibly detected on infected machines," it explained.
"Keystone is part of the Wolfcreek implant and responsible for starting malicious user applications. Loaded implants never touch the file system, so there is very little forensic evidence that the process was ever ran.
At least there would be little evidence if it wasn't for those pesky kids at Wikileaks. µ
Because some people still love to carry small pieces of cardboard
Samsung flagship might also sport enhanced facial recognition tech
Firm claims it's fixed, but customers are still reporting issues
And its called it Google Podcasts, because of course