A lot of people are focusing their attention on NSA hacking tools and malware. Unfortunately, they are not the only US-based agency people should worry about. The CIA has also created some tools which pose a big problem. Pandemic is a cyberweapon targeting computers with shared folders. It is capable of switching clean files with malware, which makes it a very potent threat.
Why You Should Be Worried About Pandemic
It is never fun to learn the CIA is more than capable of causing harm to computers all over the world. More specifically, its Pandemic tool is designed to target computers with shared folders. These shared folders are of great interest, especially when users download files from them through the SMB protocol. It is evident this CIA tool was purposefully designed to target these computers and shared folders, although it remained unclear why that was.
Thanks to new information provided by Wikileaks, we have now learned why Pandemic is such a big problem. The tool installs itself on a computer as a “file system filter driver,” which monitors SMB traffic and sniffs out attempts to download files from a shared folder. Pandemic will then intercept this SMB request and send a fake response back. Moreover, the tool will deliver a malware-laden file instead of the actual information.
This type of malicious behavior raises a lot of questions, to say the least. Pandemic is capable of replacing up to 20 legitimate files at once, as long as the file size is under 800 megabytes. According to the manual, Pandemic was initially developed to replace executable files, which makes this whole ordeal even stranger. After all, it is unclear why the CIA wants to purposefully infect corporate file-sharing servers and deliver malware to other users on the network.
What makes this ordeal even more troublesome is how it can infect victims without being detected. In fact, detecting Pandemic-infected PCs can’t be done through traditional means. It requires system administrators to download and scan files from other computers through the SMB protocol. However, it appears there is another method of detecting the malware. Searching the Windows registry for specific minifilter keys will inform companies if they have been subject to CIA surveillance.
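The first detection method described above amounts to comparing what is stored on the file server's disk with what another machine receives over SMB. The following Python sketch is an added example, not code from WikiLeaks or the original article. It assumes the file on the server's disk stays unchanged and only the response to remote clients is swapped; the function names and the `hash`/`diff` commands are hypothetical.

```python
"""Added example: compare a share's on-disk content with what SMB clients receive."""
import hashlib, json, sys
from pathlib import Path

def sha256_file(path, chunk=1 << 20):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def build_manifest(root):
    """Map relative path -> SHA-256 for every file under root."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def compare_views(on_disk, over_smb):
    """List (path, reason) where the SMB view differs from the on-disk view."""
    findings = []
    for rel in sorted(set(on_disk) | set(over_smb)):
        local, remote = on_disk.get(rel), over_smb.get(rel)
        if local is None:
            findings.append((rel, "only-over-smb"))
        elif remote is None:
            findings.append((rel, "missing-over-smb"))
        elif local != remote:
            findings.append((rel, "content-mismatch"))
    return findings

def main(argv):
    # hash <root> <out.json>       write a manifest of every file under root
    # diff <disk.json> <smb.json>  print differences, exit 1 if any are found
    if len(argv) == 4 and argv[1] == "hash":
        Path(argv[3]).write_text(json.dumps(build_manifest(argv[2]), indent=2))
        return 0
    if len(argv) == 4 and argv[1] == "diff":
        on_disk = json.loads(Path(argv[2]).read_text())
        over_smb = json.loads(Path(argv[3]).read_text())
        findings = compare_views(on_disk, over_smb)
        for rel, reason in findings:
            print(f"{reason}\t{rel}")
        return 1 if findings else 0
    print("usage: hash <root> <out.json> | diff <disk.json> <smb.json>", file=sys.stderr)
    return 2

if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run `hash` once on the file server against the local folder and once on another machine against the share's UNC path, then `diff` the two manifests. A `content-mismatch` entry for a file nobody modified between the two runs is the signal to investigate.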
It is evident the CIA has developed quite a few tools that are merely designed to spy on consumers and enterprises. It remains unclear what type of information the agency is looking for exactly. Infecting corporate networks with malware is a very disturbing development, though, as it goes to show the CIA wants to keep fingers in all of the pies. This approach is quite similar to what one would expect from the NSA, rather than the CIA.
Rest assured more of these tools will come to light over the coming months. WikiLeaks is not done exposing US intelligence agencies and their shady tactics. Pandemic is a very troublesome tool, even though it is clearly designed for this particular purpose. The CIA has built a lot of tools, all of which threaten consumer privacy and can alert the CIA regarding what people are doing at any given time. We live in a very troublesome time, to say the least.