CIA Hackers: Why WikiLeaks ‘Vault 7’ Becomes a Wake-Up Call For Users, IT Giants
SputnikNews.com
09.03.2017
The world’s IT giants are scrupulously analyzing the latest WikiLeaks’ disclosure of the CIA hacking practices, and signaling that many of the vulnerabilities mentioned in the leaked reports have already been patched. However, it appears that it’s too early to heave a sigh of relief.
The release of the much discussed Vault 7 has become a wake-up call for computer users and IT giants: this time WikiLeaks, an international non-profit organization that publishes secret information from anonymous sources, has unveiled how the mighty CIA has been hacking the entire world.
The files, leaked by the non-profit organization, indicate that for years the CIA has been methodically seeking and exploiting vulnerabilities in globally-famous software and hardware platforms in order to take control over them.
According to the documents, the CIA hacking group possessed tools allowing them to infect a target computer bypassing PSPs (Personal Security Product).
For instance, one of the files, entitled “Kaspersky ‘heapgrd’ DLL Inject,” describes Russian cybersecurity provider Kaspersky Lab’s PSPs vulnerabilities.
“The Kaspersky AVP.EXE process references a DLL called WHEAPGRD.DLL. This DLL is supposed to be located in one of the Kaspersky directories (which are protected by the PSP). Due to a UNICODE/ASCII processing mistake, the DLL name is prepended with the Windows installation drive letter, rather than the full path to the DLL. For typical installations, this causes Kaspersky to look for the DLL ‘CWHEAPGRD.DLL’ by following the standard DLL search path order. Loading our own DLL into the AVP process enables us to bypass Kaspersky’s protections,” the document reads, adding that “this vulnerability is limited to some of Kaspersky’s previous releases.”
The Rest…HERE
