WikiLeaks has published three new alleged CIA hacking tools as part of its new Vault 7 dump. The alleged CIA project dubbed "Imperial" includes three hacking tools named Achilles, Aeris and SeaPea that target Mac and Linux operating systems (OS). While Achilles and SeaPea target Mac OS, Aeris targets Linux.
According to WikiLeaks' documents, Achilles allows CIA's agents to "trojan an OS X disk image (.dmg) installer with one or more desired operator specified executables for a one-time execution".
SeaPea essentially functions as a Mac OS X rootkit and allows CIA operators to infilitrate systems while it reboots. SeaPea's manual was previously released by the whistleblowing organisation in another Vault 7 dump named DarkSeaSkies, which detailed hacking tools targeting Macs and iPhones. According to WikiLeaks, SeaPea "provides stealth and tool launching capabilities" that would allow agents to essentially compromise Macs without the targets' knowledge.
Aeris is allegedly the CIA's automated implant targeting Linux, written in C programming language. Interestingly, Aeris has reportedly been named after one of the characters in the classic game Final Fantasy.
The tool has been designed specifically to function as a backdoor to portable Linux OS such as Debian, CentOS, Red Hat, as well as FreeBSD and Solaris. Aeris can also allegedly be used to build customised implants, tailored for specific operations. Aeris also comes with features that allow for data exfiltration, although the details are not included in the Imperial dump.
Last week, WikiLeaks exposed details from Raython Blackbird Technologies, a CIA contractor, detailing its various reports to the spy agency about in-the-wild malware samples aimed at helping the CIA develop its own malware and hacking tools.