According to recent reports, WikiLeaks has released information on yet another CIA hacking tool. This particular malware is called Dumbo and it allows users to compromise webcams and microphones of target PCs and prevent them from recording or transmitting data. The trick is, it can only be delivered by a USB stick that must be plugged into the target computer. Dumbo requires not only physical access to the victim’s device, but admin privileges as well.
Once plugged in, it will disable all network interface cards (which prevents the machine from sending or receiving any data) and terminate all processes on a pre-programmed “termination list.” Dumbo only affects 32-bit Windows XP, Vista and newer operating systems and will not affect older versions of Windows or a 64-bit Windows XP. A 2012 CIA presentation also released by WikiLeaks includes the following description of Dumbo:
“Dumbo is designed as a PAG [physical access group] entry-operation utility that targets webcams and other monitoring software. PAG requests this capability to deter home security systems that may identify officers or prevent operations.”
We can assume this malware is intended to work like something out of a James Bond movie, where an operative plugs in a USB drive to temporarily disable security cameras. Pretty slick, right? Not when the whole world knows about it…
You can learn more about the WikiLeaks report on Dumbo at V3 and look at the complete WikiLeaks materials for yourself here. You can also read more about WikiLeaks’ Vault 7 CIA dumps here on Secplicity.