In their seventh CIA leak since March 23rd, Wikileaks has exposed the user manual of a CIA hacking tool, the ‘Archimedes,’ which is allegedly used for attacking computers within a LAN.
The Central Intelligence Agency tool works by redirecting the target’s website search to a CIA server that provides a website which is almost an exact copy of the page the person wished to search, only this one contains a virus.
The only way possible to detect the attack is by examining the source of the page.
The document that WikiLeaks released describes some king of an attack within a “protected environment” as the tool is sent to an existing local network to abuse existing devices and bring targeted computers under their control enabling a more thorough exploitation and misuse.
The Archimedes tool allows traffic from one computer within the LAN to be then redirected via a computer infected with this virus and controlled by the CIA, Wikileaks stated.
This method is used to redirect the targeted computer’s web browser to an exploitation server while seeming as a normal browsing session, according to Wikileaks. This way, the hackers get an entry point that enables them to enter other devices on the network.
The device’s user guide, which is dated December 2012, shows that it’s used to re-direct traffic in a Local Area Network (LAN) from a “target’s computer through an attacker controlled computer before it is passed to the gateway.”