Vault 7: OutlawCountry

BIG BROTHER - SPYING - SURVEILLANCE - WHISTLEBLOWING, 3 Jul 2017

WikiLeaks – TRANSCEND Media Service

Today, June 29th 2017, WikiLeaks publishes documents from the OutlawCountry project of the CIA that targets computers running the Linux operating system. OutlawCountry allows for the redirection of all outbound network traffic on the target computer to CIA controlled machines for ex- and infiltration purposes. The malware consists of a kernel module that creates a hidden netfilter table on a Linux target; with knowledge of the table name, an operator can create rules that take precedence over existing netfilter/iptables rules and are concealed from a user or even system administrator.

The installation and persistence method of the malware is not described in detail in the document; an operator will have to rely on the available CIA exploits and backdoors to inject the kernel module into a target operating system. OutlawCountry v1.0 contains one kernel module for 64-bit CentOS/RHEL 6.x; this module will only work with default kernels. Also, OutlawCountry v1.0 only supports adding covert DNAT rules to the PREROUTING chain.

Leaked Documents:

OutlawCountry v1.0 User Manual

OutlawCountry v1.0 Test Plan

___________________________________________________

All Releases:

Vault 7: Elsa – 28 Jun 2017

Vault 7: Brutal Kangaroo – 22 Jun 2017

Vault 7: Cherry Blossom – 15 Jun 2017

Vault 7: Pandemic – 1 Jun 2017

Vault 7: Athena – 19 May 2017

Vault 7: AfterMidnight & Assassin Frameworks – 12 May 2017

Vault 7: Archimedes – 5 May 2017

Vault 7: Scribbles Project – 28 Apr 2017

Vault 7: Weeping Angel – 21 Apr 2017

Vault 7: Hive Project – 14 Apr 2017

Vault 7: Grasshopper Framework – 7 Apr 2017

Vault 7: Marble Framework – 31 Mar 2017

Vault 7: Project Dark Matter – 23 Mar 2017

Vault 7: CIA Hacking Tools Revealed – 7 Mar 2017

Go to Original – wikileaks.org

 

Share or download this article:


DISCLAIMER: In accordance with title 17 U.S.C. section 107, this material is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes. TMS has no affiliation whatsoever with the originator of this article nor is TMS endorsed or sponsored by the originator. “GO TO ORIGINAL” links are provided as a convenience to our readers and allow for verification of authenticity. However, as originating pages are often updated by their originating host sites, the versions posted may not match the versions our readers view when clicking the “GO TO ORIGINAL” links. This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available in our efforts to advance understanding of environmental, political, human rights, economic, democracy, scientific, and social justice issues, etc. We believe this constitutes a ‘fair use’ of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C. Section 107, the material on this site is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml. If you wish to use copyrighted material from this site for purposes of your own that go beyond ‘fair use’, you must obtain permission from the copyright owner.


Comments are closed.