Archimedes Malware: WikiLeaks Exposes CIA Tool Used In Attacking Local Area Networks

WikiLeaks has exposed CIA’s tool in hacking Local Area Networks. Reuters/Larry Downing

WikiLeaks has exposed another hacking tool that the CIA is using. In its seventh leak since March 23, the non-profit organization published manuals describing the Archimedes malware that the government agency is said to be using in carrying out attacks to computers inside a Local Area Network (LAN).

This Friday, WikiLeaks announced via Twitter its latest discovery — a hacking tool named Archimedes that is typically used in offices. According to the organization, this type of tool “allows the re-directing of traffic from the target computer inside the LAN through a computer infected with this malware and controlled by the CIA.” In addition, WikiLeaks said that the CIA uses this tool to redirect a target computer’s web browser to an “exploitation server.” However, this remains unnoticed since the malware makes it appear as though one is just engaging in a normal browsing session.

WikiLeaks noted that with this tool, the CIA is “abusing machines to bring targeted computers under control and allowing further exploitation and abuse.” The only way to apparently detect attacks caused by this malware is by examining the page source. WikiLeaks has published four Archimedes documents that detail more information about the hacking tool. One of them is a User Guide that’s dated Dec. 18, 2012. The other three are addenda from 2013 and 2014.

READ: What CIA used in attacking Windows devices according to WikiLeaks

RT has learned that Archimedes is actually the updated version of a tool called Fulcrum. Since the former is an update, it comes with several improvements, one of them being the ability to gracefully shut down the tool on demand. Fulcrum was said to have been updated to give the tool the ability to run on targets with multiple gateways. This is explained thoroughly in the Fulcrum manuals WikiLeaks published alongside the Archimedes files.

RT has also noticed upon going through the leaked documents that the ones for the Fulcrum are strangely worded in a more casual manner. For example, the guide to using Fulcrum contains sentences like “Pat yourself on the back, grab a fresh caffeinated beverage of your choice and then let’s get down to it” and “So you are just itching to use Fulcrum against this target of yours and you’re ready to dive in.”

WikiLeaks’ latest leak comes amid the emergence of more details on the new Julian Assange documentary, entitled “Risk.” Huffington Post said that Laura Poitras’ documentary covers the time when WikiLeaks was being praised by Amnesty International for being a catalyst for the Arab Spring’s string of protests against authorities. It specifically starts with the WikiLeaks founder, Assange, and colleague Sarah Harrison attempting to contact Hillary Clinton who was then the Secretary of State to inform the latter about a breach. The documentary is also revealed to tackle the days when the organization was strongly pushing for radical transparency.

Surprisingly, Poitras admits something about the bases of the documentary that is hard to miss. “This is not the film I thought I was making,” she says in the production diary for the documentary. “I thought I could ignore the contradictions [but the contradictions] are becoming the story.” “Risk” will focus mostly on Assange unlike Poitras’ 2014 documentary entitled “CitizenFour” that centered on Edward Snowden. “Risk” was already screened at Cannes Film festival in May 2016, but the documentary has undergone last-minute edits that caused its delayed release.