CIA Vault 7 Vulnerabilities in Anti-Virus Solutions
This is my first article for the 0P3N Knowledgebase, and what an eye-opener. The more you go into these documents the more you understand just how bad this leak really was. The tools they use I never even knew existed. Anyway, enjoy the article and comment on what you think of WikiLeaks CIA Vault 7. I do have more articles I need to tidy up before submitting them.
The anti-virus programs below were all exposed and used by the CIA, and I expect you are using at least one of them, like myself. The leaked documents on WikiLeaks show that the CIA compromised the following anti-virus solutions and did not report the vulnerabilities.
What makes this discovery even worse is that the CIA used the vulnerabilities to install malware on numerous devices. You can find that the news media is not shown any of this information on the CIA Vault 7 Leak; it's about time the real extent was publicly posted. Everything I have listed is in the main document; in some parts I did 'drill down' to find this information. I was shocked to see virtually all the main anti-virus solutions have vulnerabilities.
Microsoft Security Essentials
McAfee
Kaspersky
Avira
AVG
Avast
ESET
F-Secure
GDATA
ClamAV
Bitdefender
Zone Alarm
Trend Micro
Symantec
Rising
Panda Security
Norton
Malwarebytes Anti-Malware
Comodo
PSP Process Names from DART
Zemana Antilogger
EMET (Enhanced Mitigation Experience Toolkit)
Articles on Exploiting PSPs
The further I went into these CIA Vault 7 documents, the worse the story became. I have listed the “Fine Dining Tool Module Lists”; you will soon see that there is much more going on than the media posted.
Thunderbird Portable DLL Hijack
Chrome Portable DLL Hijack
LBreakout2 Game Portable DLL Hijack
2048 Game DLL Hijack
FoxitReader Portable DLL Hijack
Sophos Virus Removal Tool DLL Hijack
Kaspersky TDSS Killer Portable DLL Hijack
ClamWin Portable DLL Hijack
Iperius Backup DLL Hijack
OperaMail DLL Hijack
Sandisk Secure Access v2 DLL Hijack
LibreOffice Portable DLL Hijack
BabelPad Portable Hijack
Notepad++ DLL Hijack
McAfee Stinger Portable DLL Hijack
Skype Portable DLL Hijack
Opera Portable DLL Hijack

Under AIB Home > Projects (I found these entries)
Cascade
MacAfee Virus Scan blocking injection into svc host
ESET firewall blocking for UDP, TCP, and ICMP
I saw JIRA reports, VMware and Configure Wireshark for Ubuntu.
The last of the information I found on Vault 7: CIA Hacking Tools Revealed was this:
iOS Exploits Data - [This is a must read if you use the iOS system]
https://wikileaks.org/ciav7p1/cms/page_13205587.html
You can now see how all this data is used and who is behind the Top-Secret material. The agencies using these tools at the time are clearly shown.
I have only scratched the surface of the documents, of which there are nearly 10,000, with more due for release.
I have been working in one directory, which you can view at this URL: https://wikileaks.org/ciav7p1/cms/index.html
I hope you found this interesting for my first article. If you found it useful feel free to throw me a few Cybytes (only if you are rich!) and comment, please.
Take care, all.