Topic: CIA Malware and Vulnerabilities

https://wikileaks.org/ciav7p1/

Wikileaks begins leaking CIA papers on their zero days used for attacks.

I don't know much about technology anymore.


Re: CIA Malware and Vulnerabilities

Here are some of the best VX-related leaks

Malware Development Tradecraft DOs and DONTs

NOD Cryptographic Requirements

NOD Data Exchange Format Specification

NOD In-Memory Code Execution Specification

NOD Persisted DLL Specification

Those few PDFs basically lay the framework for how the CIA writes their malware, persists on a system, executes code in memory, etc. Definitely a highly recommended read; I think they should be added to the VXHeavens library too :)

I'll update if I find more interesting PDFs!

My crime is that of outsmarting you, something you will never forgive me for.


Re: CIA Malware and Vulnerabilities

If it comes from the CIA, it must be good.

[CQK]
Twitter: @thealcopaul


Re: CIA Malware and Vulnerabilities

Found some more great stuff, mostly focused on AV defeating:

List of known malware techniques, to be used in false flag attacks

Using Windows Shell Extensions for persistence

PSP/Debugger/RE Avoidance

Wait for mouseclick to defeat sandboxes

"run out the clock" to defeat AV sandboxes

DLL Injection vs. PSPs

Defeating AVG using Process Hollowing

Overview wiki-like page on all PSPs

List of AV defeats

Also, for context: PSPs are "Personal Security Products", the CIA's name for AV software.

My crime is that of outsmarting you, something you will never forgive me for.


Re: CIA Malware and Vulnerabilities

https://wikileaks.org/ciav7p1/cms/page_ … l?marble=1

CIA malware obfuscation tool

I don't know much about technology anymore.
