Continuing its series of publishing information on malware and exploits allegedly used by the US government and its partners, WikiLeaks has posted another set of manuals for digital attack tools.
As part of a supposed project from the CIA, named “Imperial” the tools are designed to provide attack surfaces on Mac OS and Linux-based systems.
The first of the three is dubbed Achilles, which would allow attackers to “trojan an OS X disk image installer” with malicious executables for a one-time action.
Aeris, is the second piece of code mentioned by the site, which was supposedly written in C and targets POSIX-based systems like Debian, FreeBSD, CentOS, and others. It seems like Aeris was designed to target portable systems. According to the Wikileaks, Aeris supports “automated file exfiltration, configurable beacon interval and jitter, standalone and Collide-based HTTPS LP support and SMTP protocol support - all with TLS encrypted communications with mutual authentication.” The system also offers command and control features similarly structured to some Windows-infecting software.
Finally, SeaPea, is essentially a Mac OS rootkit, attacking versions 10.6 and 10.7 of the operating system. The code hides itself in the operating system files, and compromises the system on reboot. SeaPea was also previously leaked in relation to iPhone hacking tools.
Of course, these files and details are partially unverified, and WikiLeaks has its own share of compromising secrets and collaborations so it’s worth taking everything with a grain of salt. However, the fact that state-actors are targeting our electronic devices and developing digital attack tools should surprise no one.