CuriousBytes: WikiLeaks has disclosed many of the malware and tools used by the US Central Intelligence Agency to hack various devices and software. The latest disclosure is about a project named OutlawCountry, which can be used to target Linux-based systems.
With the Vault 7 revelations, WikiLeaks has shed light on various techniques adopted by the CIA to target almost any device or software. It even released some tools used by the CIA.
Now the latest announcement from WikiLeaks has revealed that the CIA can even target Linux systems, which are best known for their impenetrable nature and tough security. The latest dump from WikiLeaks details the OutlawCountry project, through which the CIA can target Linux systems.
When it comes to security, Linux outranks almost any other operating system. This news from WikiLeaks can be a concern for Linux users who use it for security and privacy. Big companies relying on Linux also need to look at this and should work on patching the vulnerabilities that helped the CIA to target Linux.
What is the OutlawCountry project?
The OutlawCountry project can help the CIA redirect network traffic from a target machine to an agency-controlled machine for infiltration.
To make this work, the CIA needs some prerequisites to be met on the target system. These prerequisites include:
The target machine needs to be running a compatible 64-bit version of CentOS/RHEL 6.x (kernel version 2.6.32), shell access is required by the operator, and the target must have a “nat” netfilter table.
— WikiLeaks (@wikileaks) June 29, 2017
Here is more information from WikiLeaks about the OutlawCountry project of CIA:
OutlawCountry allows for the redirection of all outbound network traffic on the target computer to CIA controlled machines for ex- and infiltration purposes. The malware consists of a kernel module that creates a hidden netfilter table on a Linux target; with knowledge of the table name, an operator can create rules that take precedence over existing netfilter/iptables rules and are concealed from a user or even system administrator.
The installation and persistence method of the malware is not described in detail in the document; an operator will have to rely on the available CIA exploits and backdoors to inject the kernel module into a target operating system. OutlawCountry v1.0 contains one kernel module for 64-bit CentOS/RHEL 6.x; this module will only work with default kernels. Also, OutlawCountry v1.0 only supports adding covert DNAT rules to the PREROUTING chain.
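A defender's check for the extra netfilter table described above, as an added example that is not part of the WikiLeaks text or the original article. It assumes the kernel lists every registered IPv4 table in /proc/net/ip_tables_names (normally readable only by root) and that the module does not also hide its table from that file; the table name in the test data is constructed.

```shell
#!/bin/sh
# Added example: flag netfilter tables that a stock kernel does not register.
# Assumption: a table created by a rogue kernel module still appears in
# /proc/net/ip_tables_names; a module that also filters that file is not
# caught by this check.

# Standard IPv4 tables shipped with the Linux kernel.
KNOWN_TABLES="filter nat mangle raw security"

# unexpected_tables [NAMES_FILE]
# Prints one line per registered table whose name is not in KNOWN_TABLES.
unexpected_tables() {
    names_file="${1:-/proc/net/ip_tables_names}"
    [ -r "$names_file" ] || { echo "cannot read $names_file" >&2; return 2; }
    while IFS= read -r table || [ -n "$table" ]; do
        [ -n "$table" ] || continue
        case " $KNOWN_TABLES " in
            *" $table "*) ;;                    # stock table, ignore
            *) printf '%s\n' "$table" ;;        # anything else is reported
        esac
    done < "$names_file"
}

# report_unexpected_tables
# For each unexpected table, show its rules so DNAT entries in PREROUTING
# (the only rule type the quoted text says v1.0 supports) become visible.
report_unexpected_tables() {
    found=0
    for table in $(unexpected_tables); do
        found=1
        echo "unexpected netfilter table: $table"
        iptables -t "$table" -L PREROUTING -n -v 2>/dev/null \
            || echo "  (could not list PREROUTING in $table)"
    done
    [ "$found" -eq 0 ] && echo "only stock netfilter tables are registered"
    return "$found"
}
```

Source the file as root and call `report_unexpected_tables`; a non-zero return means at least one non-stock table is registered and its rules should be reviewed alongside the loaded module list.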
What do you think of the CIA finding ways to target almost every gadget and every piece of software created on Earth? Do you support its explanation of a “National Security measure”? Tell us your opinion in the comments below.
For more of the latest updates on security, keep following us on our social media page.