AskCyberSecurity.com


WikiLeaks Releases Details on CIA’s Athena Program

2017-05-22 by Max

WikiLeaks has continued to release the details of US intelligence cyberwarfare tools and programs. It recently released details of the program known as “Athena.” This program is designed to grant access to any Windows operating system (OS) from Windows Vista up to Windows 10. Athena is composed of two programs that work together, known as Athena-Alpha and Athena-Bravo, or Athena and Hera. Central Intelligence Agency hacker code was part of what was used in the recent WannaCry cyberattack.

Athena grants access to any device running Windows XP and Windows Vista, while Hera grants access to Windows 7 through Windows 10. Both programs provide the same thing to the owner of the malware: a beaconing capability.

This beaconing capability allows Athena’s controller to alter critical parts of the OS. Namely, they can change the configuration of the OS as well as how it handles tasks. They can download data stored on the infected device at will, storing it on a hidden CIA server somewhere. Athena also grants them the ability to upload data or other programs into the infected device, allowing more viruses to be installed onto the machine.

The release of the details on Athena is part of a campaign by WikiLeaks to reveal US intelligence cyberwarfare tools. Athena was the 9th such program to be revealed by WikiLeaks. The others are (in order of release): Dark Matter, Marble, Grasshopper, Hive, Weeping Angel, Scribbles, Archimedes and After Midnight. These programs are part of WikiLeaks’ “Vault 7” program.

Dark Matter is a program aimed at infecting any Apple devices, which use their proprietary iOS. Dark Matter utilizes an infected USB device that attacks the target while it is booting up, bypassing the normal login process to grant control. Dark Matter primarily targets Apple Macs and MacBooks but could be used to gain access to an iPhone or other portable iOS devices.

Marble (full name: Marble Framework) is a framework applied to CIA programs to hide their identity. Marble scrambles the code inside viruses in an attempt to keep their creator hidden. This would allow the CIA to infect machines without raising suspicion, or at least slow down anyone trying to find the real perpetrator. Marble also contains a tool that unscrambles any program passed through it, which means anyone possessing the leaked version of Marble Framework could reveal any malicious software as belonging to the CIA or potentially another federal intelligence agency. Marble works by changing any English text over to a different language such as Russian, Chinese, Arabic or Kurdish. This would throw off automated scans and checks by generating false leads as to the country of origin. It doesn’t encrypt the virus in any way; it only acts as a smoke screen.

Grasshopper (full name: Grasshopper Framework) is a framework used by the CIA to create custom targeted viruses for any Windows OS. Grasshopper allows the viruses to be custom-tailored to specific machines and their configurations. If a Grasshopper-produced virus is loaded into a machine that doesn’t match its targeting parameters, the virus will not infect the machine; instead, it loiters inside.

Hive isn’t an infiltration program, but rather a management service for such programs. Hive collects the data gathered by machines infected with CIA programs. It allows its operators to download files from infected machines, or send files out to them. It also allows someone to issue commands to the infected computer, beyond just uploading or downloading data. Hive supposedly uses an HTTPS interface to control and monitor the malicious programs, allowing access from anywhere with an internet connection.

Finally, we have Weeping Angel, named after the iconic Doctor Who villain. An interesting note is that there are several references to the series in the CIA’s released documents. “Sonic Screwdriver” is part of the access kit in Dark Matter. Weeping Angel is a program that takes over a smart television, such as those produced by Samsung. Weeping Angel requires physical access to do any harm, meaning that TVs can only be infected via a USB or other memory device being connected to them. Once infected, the TV records and sends the audio data it collects with its inbuilt microphone. This data is stored on a USB or memory device for later collection. It is possible for the TV to be forced to set up a WiFi hot-spot that would transfer the data wirelessly. Weeping Angel also includes an option for “Real-Time Listening,” which uploads the audio to the internet where it can be listened to as it’s recorded.

Filed Under: Government Cyber Security Tagged With: hacker, WikiLeaks

About Max

Max is a Data Privacy Coordinator at a major global law firm and a science fiction author residing in the Philadelphia area. He has been writing for https://www.askcybersecurity.com since early 2017.

