Wikileaks has already made public tools used by the CIA to hack wifi routers , giant of tech Microsoft ‘s windows computer ,the tech giant apple ‘s device or Samsung televisions, among other devices.
But, now the leaks portal, of course, the Wikileaks shares a new publication practically every week, and today it is the turn of malware to spy on the geographical location of PCs through WiFi.
Recent, report from Wikileaks brings to light the user manual of ELSA, a malicious program with which the Central Intelligence Agency of the United States (CIA) supposedly registered the location of its objectives through a wireless connection to the Internet, for example with a computer Laptop running the tech giant Microsoft’s Windows operating system.
Once ELSA is installed on the computer exploiting different exploits, CIA malware is able to register the ESS identifier, MAC address and signal strength at regular intervals. “To perform data collection, the target machine does not have to be online or connected to an access point, it must only be running with a Wi-Fi enabled device,” the popular leak portal Wikileaks explains.
In case the computer is connected to the Internet, the malware will try to use the Google or Microsoft public geolocation databases, in order to determine the position of the device. Once the location is identified, the system stores the altitude and length data along with a timestamp on an encrypted copy within the device, which will be automatically sent to CIA servers wherever possible.
Even, a few days back we reported about the Brutal Kangaroo project malware which used by CIA and leaked by WikiLeaks. The Brutal Kangaroo project is composed of several components:-
- Drifting Deadline: USB memory infection tool.
- Shattered Assurance: Server tool that manages the automated infection of storage units.
- Broken Promise: System that evaluates the collected information.
- Shadow: A mechanism that acts as a covert C & C network.
Brutal Kangaroo takes advantage of a Windows vulnerability that can be exploited by links to handmade files that load and execute programs without user interaction.
However, according to the leak portal, of course, Wikileaks, the ELSA project allows you to customize the implant to match the target environment and the operational objectives of each occasion. In addition, additional back-end software facilitates the creation of a target device tracking profile.