CIA targeting GNU/Linux users with OutlawCountry malware

WikiLeaks, which is known for exposing corruption within governments and corporations, has released a massive data dump which included some interesting news about what the CIA has been up to recently. According to the leak, the CIA has targeted GNU/Linux users with an exploit that re-routes network traffic towards them for analysis.

The exploit called ‘OutlawCountry’, which is detailed in the report, essentially loads itself onto a vulnerable system as a Linux kernel module (nf_table_6_64.ko) and then creates a new exemption in the iptables firewall protocol. Once this is done, it deletes itself. When all is said and done, the attacker can exploit the system to re-route all traffic to designated CIA servers.

— source 2017-07-06
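
A defender's check for the behaviour described above, added here as an example and not taken from the leak or the quoted article: it flags the module name given above and any loaded module that has no file under the kernel's module tree. It assumes the self-deletion leaves the module loaded with no on-disk copy; the function names and sample data are hypothetical, and a manually loaded legitimate module will also show as unbacked.

```sh
#!/bin/sh
# Added example: audit loaded kernel modules against the on-disk module tree.

# Module name reported in the text above (note how closely it resembles the
# legitimate nf_tables module). Everything else here is constructed.
IOC_MODULE="nf_table_6_64"

# Print the name of every module file under a tree, normalised the way the
# kernel reports names in /proc/modules ('-' becomes '_', suffix removed).
list_ondisk_modules() {
    find "$1" -type f -name '*.ko*' 2>/dev/null |
        sed -e 's|.*/||' -e 's|\.ko.*$||' -e 's|-|_|g' | sort -u
}

# audit_modules <proc_modules_file> <modules_dir>
# Prints "IOC <name>" for the name above and "UNBACKED <name>" for any loaded
# module with no matching file in the tree. Returns 1 if anything was flagged.
audit_modules() {
    ondisk=$(list_ondisk_modules "$2")
    hits=0
    while read -r name _rest; do
        [ -n "$name" ] || continue
        if [ "$name" = "$IOC_MODULE" ]; then
            echo "IOC $name"; hits=1
        elif ! printf '%s\n' "$ondisk" | grep -qxF -- "$name"; then
            echo "UNBACKED $name"; hits=1
        fi
    done < "$1"
    return "$hits"
}

# Live use with the standard paths:
#   audit_modules /proc/modules "/lib/modules/$(uname -r)"
```

A clean result is not proof of absence, since a kernel module can hide itself from /proc/modules; compare the loaded firewall rules against the expected ruleset as well.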

