WikiLeaks publishes CIA trojan “Imperial”: Macintosh, Debian, Red Hat, Solaris, FreeBSD, CentOS – the CIA simply bugs everything
Today, July 27th 2017, WikiLeaks publishes documents from the Imperial
project of the CIA.

Achilles is a capability that provides an operator the ability to
trojan an OS X disk image (.dmg) installer with one or more desired
operator specified executables for a one-time execution.

Aeris is an automated implant written in C that supports a number of
POSIX-based systems (Debian, RHEL, Solaris, FreeBSD, CentOS). It
supports automated file exfiltration, configurable beacon interval and
jitter, standalone and Collide-based HTTPS LP support and SMTP protocol
support – all with TLS encrypted communications with mutual
authentication. It is compatible with the NOD Cryptographic
Specification and provides structured command and control that is
similar to that used by several Windows implants.

SeaPea is an OS X Rootkit that provides stealth and tool launching
capabilities. It hides files/directories, socket connections and/or
processes. It runs on Mac OSX 10.6 and 10.7.