WikiLeaks just published details of a purported CIA operation that turns Windows file servers into covert attack machines that surreptitiously infect computers of interest inside a targeted network.
"Pandemic," as the implant is codenamed, turns file servers into a secret carrier of whatever malware CIA operatives want to install, according to documents published Thursday by WikiLeaks. When targeted computers attempt to access a file on the compromised server, Pandemic uses a clever bait-and-switch tactic to surreptitiously deliver malicious version of the requested file. The Trojan is then executed by the targeted computers. A user manual said Pandemic takes only 15 seconds to be installed. The documents didn't describe precisely how Pandemic would get installed on a file server.
In a note accompanying Thursday's release, WikiLeaks officials wrote: