WikiLeaks publishes CIA manual Athena malware for Windows systems

WikiLeaks has again published CIA documents from the Vault 7 collection. This time it concerns the so-called Athena malware, which serves as a beacon and loader. The tool was developed together with an American company.

The manual published by WikiLeaks shows that Athena is suitable for use on Windows versions from Windows XP to Windows 10. The tool consists of several components and is intended to be used in conjunction with the Hera tool, which is not expanded. described. For example, with the help of a builder, a user can select a certain type of malware that is suitable for the operation in question. Once it lands on the target’s system, the Athena engine is started and the malware listens for incoming commands. For example, the user can remotely retrieve files from the infected system and place certain dll files.

A document titled Technology Overview reveals that the CIA describes the Athena tool as a “very simple implant.” The document also shows that the tool was developed in collaboration with the American security company Siege Technologies. In its own words, it focuses on ‘offensive and defensive security techniques’.

WikiLeaks publishes new documents every week from the Vault 7 collection, which the organization put online in March and which it claimed was information from the CIA. Last week’s publication included information about the AfterMidnight and Assassin malware frameworks for Windows systems.

Scheme of the operation of Athena