An Interest In:
Web News this Week
- April 23, 2024
- April 22, 2024
- April 21, 2024
- April 20, 2024
- April 19, 2024
- April 18, 2024
- April 17, 2024
Some of Our Sources
- Slashdot
- Just Creative
- Abduzeedo
- You The Designer
- Creative Curio
- Reencoded
- Freelance Switch
- Codrops
- Daily Now
- TechPowerUp
Help Webnuz
Referal links:
June 3, 2017 02:00 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/oWbhi58S7m4/cia-malware-can-switch-clean-files-with-malware-when-you-download-them-via-smb
CIA Malware Can Switch Clean Files With Malware When You Download Them Via SMB
An anonymous reader quotes a report from Bleeping Computer: "After taking last week off, WikiLeaks came back today and released documentation on another CIA cyber weapon. Codenamed Pandemic, this is a tool that targets computers with shared folders, from where users download files via SMB. The way Pandemic works is quite ingenious and original, and something not seen before in any other malware strain. According to a leaked CIA manual, Pandemic is installed on target machines as a "file system filter driver." This driver's function is to listen to SMB traffic and detect attempts from other users to download shared files from the infected computer. Pandemic will intercept this SMB request and answer on behalf of the infected computer. Instead of the legitimate file, Pandemic will deliver a malware-infected file instead. According to the CIA manual, Pandemic can replace up to 20 legitimate files at a time, with a maximum size of 800MB per file, and only takes 15 seconds to install. Support is included for replacing both 32-bit and 64-bit files. The tool was specifically developed to replace executable files, especially those hosted on enterprise networks via shared folders. The role of this cyber weapon is to infect corporate file sharing servers and deliver a malicious executable to other persons on the network, hence the tool's name of Pandemic.at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/oWbhi58S7m4/cia-malware-can-switch-clean-files-with-malware-when-you-download-them-via-smb
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot