WikiLeaks Explains MitM Attack Tool Used by CIA
WikiLeaks recently released documents detailing a man-in-the-middle (MitM) attack tool allegedly used by the U.S. Central Intelligence Agency (CIA) to target local networks.
The tool was initially called Fulcrum and was later renamed Archimedes by its developers. It can be used to conduct MitM attacks inside a local area network (LAN). According to the leaked documents, dated between 2011 and 2014, it allows the user to redirect LAN traffic from a targeted computer through an attacker-controlled machine before it is passed on to the gateway.
“This allows the tool to inject a forged web server response which will redirect target’s web browser to an arbitrary location. The technique is typically used to redirect target to an exploitation server while giving the appearance of a normal browsing session,” wrote the developers, in the tool’s user guide.
Jake Williams, the founder of Rendition Infosec and a SANS instructor, analysed the leaked documents and found that the tool appears to be a repackaged version of Ettercap, a popular MitM tool.
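A defender can watch for the redirection described above from the affected host itself. The following is an added example, not code from the leaked documents or from Ettercap: it assumes the traffic is diverted by ARP cache poisoning (a technique Ettercap is commonly used for; the article does not state the mechanism), and the addresses and `ip neigh` snapshots are constructed.

```python
import re

# Constructed sample: two snapshots of `ip neigh` output taken on one host.
BEFORE = """\
192.168.1.1 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE
192.168.1.23 dev eth0 lladdr 66:77:88:99:aa:bb STALE
"""
AFTER = """\
192.168.1.1 dev eth0 lladdr 66:77:88:99:aa:bb REACHABLE
192.168.1.23 dev eth0 lladdr 66:77:88:99:aa:bb REACHABLE
192.168.1.40 dev eth0 FAILED
"""

# Matches only entries that carry a resolved link-layer (MAC) address.
NEIGH = re.compile(r"^(\S+) dev (\S+) lladdr ([0-9a-fA-F:]{17})\b")

def parse_neigh(text):
    """Return {ip: mac} for neighbour entries with a MAC; skips FAILED/INCOMPLETE."""
    table = {}
    for line in text.splitlines():
        m = NEIGH.match(line.strip())
        if m:
            table[m.group(1)] = m.group(3).lower()
    return table

def check_gateway(before, after, gateway):
    """Compare two snapshots and return findings about the gateway entry."""
    old, new = parse_neigh(before), parse_neigh(after)
    gw_mac = new.get(gateway)
    if gw_mac is None:
        return ["gateway %s missing from neighbour table" % gateway]
    findings = []
    # Signal 1: the MAC the host uses for the gateway changed between snapshots.
    if gateway in old and old[gateway] != gw_mac:
        findings.append("gateway MAC changed %s -> %s" % (old[gateway], gw_mac))
    # Signal 2: another LAN host answers with the same MAC as the gateway.
    sharers = sorted(ip for ip, mac in new.items() if mac == gw_mac and ip != gateway)
    if sharers:
        findings.append("gateway MAC also claimed by %s" % ", ".join(sharers))
    return findings

if __name__ == "__main__":
    for finding in check_gateway(BEFORE, AFTER, "192.168.1.1"):
        print("ALERT:", finding)
```

A changed gateway MAC can also come from a router replacement or failover, so treat a finding as a prompt to verify the address against the known hardware rather than as proof of interception.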
Even though the capabilities of this tool are not that impressive, Williams pointed out that potential targets of the CIA can use this leaked information to see if their systems were targeted by the agency.
An even more interesting tool, which includes the source code, was published by WikiLeaks last week. This project is dubbed Scribbles and is designed for inserting special watermarks into documents that may be copied by insiders and whistleblowers.
The first major version of the Scribbles tool was released in March 2016 and it may have been developed by the CIA to identify people such as Edward Snowden, who in 2013 leaked a massive amount of information on the NSA’s surveillance capabilities.