OUTLAW COUNTRY | New Vault 7 Release Targets Linux
A kernel module that creates a hidden netfilter table on Linux targets conceals itself from admins and users.
OutlawCountry
Today Wikileaks released yet another set of documents from their Vault 7 CIA leaks. This latest publication reveals the tools used by the CIA to target and infect Linux-based computers (Linux being the open-source operating system). Once infected, the computer or computers will redirect all outbound network traffic to CIA command and control servers. The documentation below describes it in a bit more detail:
System Overview and Description
OutlawCountry consists of a kernel module that creates a hidden netfilter table on a Linux target. With knowledge of the table name, an operator can create rules that take precedence over existing netfilter/iptables rules.
Assumptions and Constraints
OutlawCountry v1.0 contains one kernel module for 64-bit CentOS/RHEL 6.x. This module will only work with default kernels. Also, OutlawCountry v1.0 only supports adding covert DNAT rules to the PREROUTING chain.
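As an added illustration (not from the leaked documentation or this post), here is a defender-side audit in Python that parses constructed samples of `/proc/net/ip_tables_names` and `iptables-save -t nat` output, flagging table names outside the standard set and PREROUTING DNAT rules whose destination is not on an allow-list. The table name "shadow_nat", the addresses and the allow-list are all made up for the example.

```python
import re

# The five tables a stock kernel registers; anything else warrants a look.
STANDARD_TABLES = {"filter", "nat", "mangle", "raw", "security"}

# Constructed stand-in for /proc/net/ip_tables_names. "shadow_nat" is a made-up
# name for the example; the page does not give OutlawCountry's table name.
SAMPLE_TABLE_NAMES = "nat\nfilter\nmangle\nraw\nsecurity\nshadow_nat\n"

# Constructed stand-in for `iptables-save -t nat` output (addresses are made up).
SAMPLE_NAT_SAVE = """*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.0.5:8080
-A PREROUTING -p udp -m udp --dport 53 -j DNAT --to-destination 198.51.100.7:53
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
"""

# DNAT targets the administrator has documented as legitimate (constructed).
ALLOWED_DNAT_DESTINATIONS = {"10.0.0.5:8080"}

# "-A <chain> <matches> -j <target> <target args>" as iptables-save prints it.
RULE_RE = re.compile(r"^-A (?P<chain>\S+).* -j (?P<target>\S+)(?P<args>.*)$")


def unexpected_tables(ip_tables_names: str) -> list:
    """Return registered table names that are not one of the standard five."""
    names = [n.strip() for n in ip_tables_names.splitlines() if n.strip()]
    return sorted(n for n in names if n not in STANDARD_TABLES)


def dnat_rules(save_output: str, allowed: set) -> list:
    """Return PREROUTING DNAT rules whose --to-destination is not allow-listed."""
    findings, table = [], None
    for line in save_output.splitlines():
        if line.startswith("*"):  # "*nat" opens a table block
            table = line[1:].strip()
            continue
        m = RULE_RE.match(line)
        if not m or m.group("chain") != "PREROUTING" or m.group("target") != "DNAT":
            continue
        dest = re.search(r"--to-destination (\S+)", m.group("args"))
        to = dest.group(1) if dest else None
        if to not in allowed:
            findings.append({"table": table, "to": to, "rule": line})
    return findings
```

On a live host you would feed the functions the real contents of `/proc/net/ip_tables_names` and the real `iptables-save -t nat` output. Because the documentation describes the table as hidden, an empty result is not proof of a clean host; treat these checks as a baseline to diff against a known-good snapshot alongside a review of loaded kernel modules.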
There is little in the document describing how targeted computers are compromised with this malware, but as we know from previous Vault 7 releases it could be done in any number of ways.
I have a feeling this is the last publication from the first part of Vault 7. I get this feeling because Wikileaks released Elsa, a geo-location malware for WiFi-enabled devices, yesterday and Outlaw Country today. Usually they leave about a week between releases. They've also hinted at Media Ops, which is part 2 of Vault 7, being released on July 4th, American Independence Day.
Related posts:
VAULT 7 | Wikileaks Releases The Air-Gap Jumping Brutal Kangaroo | Steemit - @Fortified - 06/23/2017
Vault 7 - The "Elsa" Tracking Implant | Steemit - @v4vapid - 06/29/2017
MEDIA OPS | Wikileaks Hints To Part 2 Of Vault 7 Release - 4th July | Steemit - @Fortified - 06/26/2017
Thanks! I'm struggling for words... Just... No one, and no place, is safe.
I guess we just need to reinstall our entire software stack every day.
This is why I will never own a car with software. My current ride is a 1980 VW pickup with mechanical fuel injection. Ugly, but the CIA can't mess with my fuel efficiency.
Thanks!
Edit: oh yeah, resteemed.
Thank you.
Maybe this is why cowboys ride horses.
Nice one @valued-customer... VW classic!
This is so fucked though, Linux / Apple / Microsoft... all compromised. wtf
Well, this is why we can't have nice things. =/
Resharing @phibetaiota
Thank you for the contribution.
~The Management
Thank you as always my friend.
Oh shit, not Linux!!! You failed us penguin!
Just wanted to let you know, Part 7 of my cryptology series, Key Management, is out!
https://steemit.com/cryptocurrency/@digicrypt/cryptology-series-part-7-key-management
Next one up will be quantum cryptography!
Yes thank you kindly. Always appreciate your posts.