WikiLeaks Reveals 'Athena' CIA Spying Program Targeting All Versions of Windows
Dubbed Athena/Hera, the spyware has been designed to take full remote control of infected Windows PCs, allowing the agency to perform all sorts of actions on the target machine, including deleting data, uploading malicious software, and stealing data and sending it to a CIA server.
- Primary: Athena for XP to Windows 10
- Secondary: Hera for Windows 8 through Windows 10
The leaked documents suggest that Athena, written in the Python programming language, was developed in August 2015, just a month after Microsoft released its Windows 10 operating system.
"Once installed, the malware provides a beaconing capability (including configuration and task handling), the memory loading/unloading of malicious payloads for specific tasks and the delivery and retrieval of files to/from a specified directory on the target system," WikiLeaks claims.
Interestingly, one document also suggests that CIA agents were advised to make sure the spyware does not get caught by antivirus software, especially Kaspersky AV software.
WikiLeaks has not provided any detail about the operations the agency conducted using Athena, but it is not hard to imagine how the intelligence agency would use this program to spy on its targets.
Last week, WikiLeaks dumped two apparent CIA malware frameworks – AfterMidnight and Assassin – for the Microsoft Windows platform that were designed to monitor and report back actions on the infected remote host computer and execute malicious actions.
Since March, the whistleblowing group has published nine batches of the "Vault 7" series, which include the latest leak and last week's leak, along with the following batches:
- Archimedes – a man-in-the-middle (MitM) attack tool allegedly created by the CIA to target computers inside a Local Area Network (LAN).
- Scribbles – a piece of software allegedly designed to embed 'web beacons' into confidential documents, allowing the spying agency to track insiders and whistleblowers.
- Grasshopper – revealed a framework that allowed the agency to easily create custom malware for breaking into Microsoft's Windows and bypassing antivirus protection.
- Marble – revealed the source code of a secret anti-forensic framework, basically an obfuscator or a packer used by the CIA to hide the actual source of its malware.
- Dark Matter – focused on hacking exploits the agency designed to target iPhones and Macs.
- Weeping Angel – a spying tool used by the agency to infiltrate smart TVs, transforming them into covert microphones.
- Year Zero – dumped CIA hacking exploits for popular hardware and software.