More information on the Vault 7 leak.
The OutlawCountry Linux hacking tool consists of a kernel module, which the CIA hackers load via shell access to the targeted system and create a hidden Netfilter table with an obscure name on a target Linux user. The OutlawCountry project allows the CIA hackers to redirect all outbound network traffic on the targeted computer to CIA-controlled computer systems to exfiltrate and infiltrate data.
— Graham Penrose (@GrahamPenrose2) July 24, 2017
Although the installation and persistence method of the OutlawCountry tool is not described in detail in the document, it seems like the CIA hackers rely on the available CIA exploits and backdoors to inject the kernel module into a targeted Linux operating system. However, there are some limitations to using the tool; for instance, the kernel modules only work with compatible Linux kernels…
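A defender-side check for the behaviour described above, added here as an example and not taken from the original post or the leaked document: it parses `iptables-save` style output, flags any Netfilter table outside the stock set, and lists the address-rewriting rules that table holds. It assumes the extra table is visible to `iptables-save`; the sample dump and the table name `zz_example_tbl` are constructed placeholders.

```python
import re

# Tables that stock iptables/ip6tables kernels register.
STANDARD_TABLES = {"filter", "nat", "mangle", "raw", "security"}
# Targets that rewrite addresses, i.e. can redirect traffic.
REWRITE_TARGETS = {"DNAT", "SNAT", "REDIRECT", "MASQUERADE", "NETMAP"}

def parse_iptables_save(text):
    """Return {table: [rule, ...]} from iptables-save style output."""
    tables, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("*"):            # "*nat" opens a table section
            current = line[1:]
            tables[current] = []
        elif line == "COMMIT":              # closes the current section
            current = None
        elif line.startswith("-A ") and current is not None:
            tables[current].append(line)
    return tables

def audit(text, allowed=STANDARD_TABLES):
    """Report unexpected tables and the address-rewriting rules they hold."""
    findings = []
    for table, rules in parse_iptables_save(text).items():
        if table in allowed:
            continue
        rewrites = [r for r in rules
                    if (m := re.search(r"-j\s+(\S+)", r))
                    and m.group(1) in REWRITE_TARGETS]
        findings.append({"table": table, "rules": len(rules),
                         "rewrites": rewrites})
    return findings

# Constructed sample; "zz_example_tbl" is a placeholder, not a real tool's name.
SAMPLE = """\
*filter
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
COMMIT
*zz_example_tbl
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -s 192.0.2.0/24 -d 198.51.100.7/32 -j DNAT --to-destination 203.0.113.10
-A POSTROUTING -j ACCEPT
COMMIT
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

On a live host, pass the output of `iptables-save` to `audit()` and extend `allowed` with any tables your own baseline legitimately contains.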