Athena: The new CIA spyware exposed by WikiLeaks


Full Control, from XP to Windows 10


In yet another publication in its controversial Vault 7 series, WikiLeaks has leaked technical details about a spyware variant code-named Athena, developed by the CIA and a private company. The attacker can access an infected computer remotely, load and/or execute malicious packages with specific functions, and take files without compromising the implant's persistence in the operating system.

WannaCry was just a sample of what can happen when certain government agencies begin to accumulate exploits and payloads as if they were traditional weapons... and leave a door open. For years we have called on the major market players for greater transparency in their collaboration with these agencies, and after WannaCry, the pressure is felt more than ever. However, whether these corporations decide to speak or not pales in the face of the "cyberarsenal" that the authorities keep "in the name of national security", and other similar expressions. It is only a matter of time before a new global campaign hits common users; therefore, our best defense is to get as much information as possible about those weapons. That's where WikiLeaks comes in with its Vault 7 publications, and the latest entry is named Athena.

Access, remote execution, and persistence. Perfect combo.



Athena is an "implant" with the ability to affect all major versions of Windows, starting with XP. Its creation is the responsibility of the CIA, but the agency apparently joined forces with a private company called Siege Technologies (now under the wing of Nehemiah Security), which provides "cybersecurity solutions" and "offensive cyberwar technologies". Athena gives an attacker remote connectivity with the infected computer, dynamic configuration changes, execution of specific tasks that can be loaded into or unloaded from memory to leave no trace, and extraction or injection of files into a special folder. Athena runs in user space and persists within the system.

Although it all depends on the method of infection used, Athena sounds like a real feast for malicious actors thinking about conducting a ransomware campaign. The documentation shared by WikiLeaks is very extensive and includes a "user guide" of more than 40 pages.

