WikiLeaks revealed yet another set of classified CIA spying project documents code named “Athena”, explaining the various methodologies used by them to spy over millions of computers across the globe. The Publisher has so far revealed an array of tools utilized by the CIA in its series of leaks since March 7, 2017.
The latest leaks describes “Athena” as a secret project of the US Central Investigation Agency that allows its operators to gain remote beacon and loader capabilities on targeted computers running on Microsoft Windows operating system (from Windows XP to Windows 10). The information shared by WikiLeaks also points to the fact that Athena is coded using Python programming language. The final version of Athena is said to have been launched for its secretive operators in August, 2015 just a month after Windows 10 OS was launched.
In layman’s terms Athena is a malware/spyware that allows attackers to gain access to any windows PC. After the targeted computer is breached, Athena allows the attacker to delete files and craft further attacks by uploading other malicious malware. The CIA allegedly was using this platform to spy and steal data from computers of their choice.
According to the information published by WikiLeaks, Athena is a malware developed by the the CIA in close collaboration with a information security company called Siege Technologies that claims to provide offensive driven defensive cyber security solutions. The company website states that it has its offices located in two locations namely New York and Manchester, New Hampshire.
The technological overview of Athena published by WikiLeaks provides detailed description of how the malware works and an array of innovations incorporated in this tool of mass surveillance. Athena is described as a beacon loader which works as an implant application. The tech overview document also states that Athena in itself has two versions namely, Athena-Alpha and Athena-Bravo. The concept of operation is visually explained with the help of the following diagram.
Don’t leave yourself exposed. Find your vulnerabilities before cybercriminals do. Contact us for Vulnerability Assessment and Penetration Testing.