Wikileaks reveals potent Windows malware from the CIA

Could take over a machine, delete files and upload more malicious code.

05 malware
Justin (Creative Commons BY or BY-SA)

A few days ago, Microsoft’s top lawyer took the NSA to task over WannaCry, saying that problem was the agency’s creation because it built and stockpiled such malware for its own use.

Now WikiLeaks has revealed more government-created malware and this one is a nasty piece of work.

Codenamed “Athena,” the spyware targets all version of Windows from Windows XP to Windows 10, and was released in August 2015. It was created in part by a private New Hampshire-based cyber security firm called Siege Technologies.

According to WikiLeaks, Athena allows whoever controls it to completely take over a computer, steal data and send it to CIA servers, delete data and upload even more malicious software.

“Once installed, the malware provides a beaconing capability (including configuration and task handling), the memory loading/unloading of malicious payloads for specific tasks and the delivery and retrieval of files to/from a specified directory on the target system. It allows the operator to configure settings during runtime (while the implant is on target) to customize it to an operation,” WikiLeaks said.

This is the latest in government-sponsored malware, an issue that I see getting no traction with Congress while they clutch their pearls over Russia and our election. We now have two cases, WannaCry and Athena, where government spying agencies discovered exploits in Windows and rather than report it to Microsoft, made malware for their own use.

I have a query in to Microsoft on whether they have patched the exploit yet, thus far no word.

Update: Microsoft has responded to my query with its official statement on the matter: “Our security team has completed its examination of the Athena release and has concluded it does not describe exploits or vulnerabilities in any of our products. Athena will only work on a system that has already been compromised by some other method.”

The government will likely justify this as you have nothing to fear if you aren’t an enemy of the state, that it’s only used against bad players. Well first, can we trust their definition of bad players any more, given all the snooping Edward Snowden revealed?

And secondly, they have shown something of an incompetence when it comes to keeping these things bottled up. WannaCry (or WannaCrypt) was stolen from the NSA, and as Microsoft’s chief lawyer Brad Smith noted, this is the real world equivalent of the theft of cruise missiles. Would the government keep silent about that?

Actually, it probably would just to avoid a panic.

The fact that Athena is in the hands of WikiLeaks, which offered up considerable detail on how it works, again shows that our spy agencies can’t keep these things locked up. And if they can’t, then they should disclose them to Microsoft. We are in a global fight against malware. The U.S. government should not be one of the creators of it.

This article is published as part of the IDG Contributor Network. Want to Join?

Computerworld's IT Salary Survey 2017 results
Shop Tech Products at Amazon