Vault 7: WikiLeaks Publishes New CIA Documents on Windows Malware

Athena malware targets Microsoft operating systems from Windows XP to Windows 10

Mikael Thalen
May 19, 2017

CIA documents concerning malware designed for Windows computers were published online Friday as part of WikiLeaks latest “Vault 7” dump.

The malware, known as “Athena,” targets Microsoft operating systems from 2001’s Windows XP to the company’s current Windows 10 release.

Dates on the documents, which range from September 2015 to February 2016, reveal the CIA’s ability to hack Windows 10 only months after it became available to the public.

Athena, which provides remote beacon and loader capabilities on victim machines, was co-developed by the CIA and New Hampshire-based cyber security company Siege Technologies.

“Once installed, the malware provides a beaconing capability (including configuration and task handling), the memory loading/unloading of malicious payloads for specific tasks and the delivery and retrieval of files to/from a specified directory on the target system,” WikiLeaks notes. “It allows the operator to configure settings during runtime (while the implant is on target) to customize it to an operation.”

  • A d v e r t i s e m e n t

According to Bleeping Computer’s Catalin Cimpanu, Athena is relatively underwhelming when compared to other malware used and developed by the agency.

“At the technical level, despite using custom terms to describe its modus operandi, Athena isn’t that special when compared to other malware developed for cyber-espionage operations,” Cimpanu writes.

The Vault 7 files, which are believed to have been leaked by a CIA employee or contractor, are now at the center of a manhunt within the intelligence community.

A joint investigation run by the CIA and FBI has been looking into hundreds of agency workers who would have had access to the documents.

“Much of the material was classified and…

Read more