Since March, WikiLeaks has published thousands of documents and other secret tools that the whistleblower group claims came from the CIA.
This latest batch is the 7th release in the whistleblowing organization’s ‘Vault 7’ series.
Dubbed Archimedes, the newly released CIA tool, dumped on Friday, purportedly used to attack computers inside a Local Area Network (LAN).
The leaked documents describe Archimedes as a tool that lets users redirect LAN traffic from a targeted computer through a malware-infected computer controlled by the CIA before the traffic is passed on to the gateway, which is known as man-in-the-middle (MitM) attack.
The tool in itself is very simple without any extraordinary capabilities, as there are many MitM tools available on the Internet that anyone can be download and use it to target users on the local network.
Rendition Infosec founder Jake Williams also pointed out that the tool is not even originally developed by the CIA, rather appears to be a repackaged version of Ettercap – an open source toolkit for MitM attacks.
Williams also noted that the potential CIA targets could even use the leaked information to see whether their computers had been targeted by the agency.
Since March the Whistleblowing website has published 7 batches of “Vault 7” series, which includes the latest and last week leaks, along with the following batches:
- “Year Zero” – dumped CIA hacking exploits for popular hardware and software.
- “Weeping Angel” – spying tool used by the agency to infiltrate smart TV’s, transforming them into covert microphones.
- “Dark Matter” – focused on hacking exploits the agency designed to target iPhones and Macs.
- “Marble” – revealed the source code of a secret anti-forensic framework, basically an obfuscator or a packer used by the CIA to hide the actual source of its malware.
- “Grasshopper” – reveal a framework which allowed the agency to easily create custom malware for breaking into Microsoft’s Windows and bypassing antivirus protection.