RELEASE: CIA project 'Imperial'. Trojans targeting Macs, Debian, Red Hat, Solaris, FreeBSD, Centos #Vault7 #Imperial https://t.co/Bsoxd7LdiC pic.twitter.com/iACdXnaOle
— WikiLeaks (@wikileaks) July 27, 2017
Today, July 27th 2017, WikiLeaks publishes documents from the Imperial project of the CIA.
Achilles is a capability that lets an operator trojan an OS X disk image (.dmg) installer with one or more desired operator-specified executables for a one-time execution.
Aeris is an automated implant written in C that supports a number of POSIX-based systems (Debian, RHEL, Solaris, FreeBSD, CentOS). It supports automated file exfiltration, configurable beacon interval and jitter, standalone and Collide-based HTTPS LP support and SMTP protocol support - all with TLS-encrypted communications with mutual authentication. It is compatible with the NOD Cryptographic Specification and provides structured command and control that is similar to that used by several Windows implants.
SeaPea is an OS X rootkit that provides stealth and tool-launching capabilities. It hides files/directories, socket connections and/or processes. It runs on Mac OS X 10.6 and 10.7.
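A beacon interval with jitter, as described for Aeris above, still produces connection gaps that cluster around one value, which a defender can look for in flow or proxy logs. The following is an added example, not taken from the released documents: the log tuples, addresses, function name and thresholds are all constructed assumptions.

```python
from collections import defaultdict
from statistics import median

# Constructed sample: (epoch_seconds, source_host, destination) connection records.
SAMPLE_EVENTS = (
    # Host checking in roughly every 300 s with about 15% jitter.
    [(t, "10.0.0.5", "203.0.113.10")
     for t in (1000, 1300, 1555, 1895, 2185, 2515, 2785, 3100)]
    # Interactive traffic: bursts separated by long idle periods.
    + [(t, "10.0.0.8", "198.51.100.7")
       for t in (1000, 1005, 1007, 1907, 1919, 1922, 4322, 4329)]
    # Too few connections to judge either way.
    + [(t, "10.0.0.9", "198.51.100.7") for t in (1000, 1300, 1600)]
)

def find_beacons(events, min_events=6, max_spread=0.3):
    """Return {(src, dst): (median_gap_seconds, relative_spread)} for
    source/destination pairs whose connection gaps look periodic.

    relative_spread is the median absolute deviation of the gaps divided
    by the median gap. Jitter widens it, but a jittered timer stays far
    below the spread of human-driven traffic. min_events and max_spread
    are tuning assumptions, not values from any published specification.
    """
    stamps_by_pair = defaultdict(list)
    for ts, src, dst in events:
        stamps_by_pair[(src, dst)].append(ts)

    hits = {}
    for pair, stamps in stamps_by_pair.items():
        if len(stamps) < min_events:
            continue  # not enough samples for a stable estimate
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        mid = median(gaps)
        if mid <= 0:
            continue  # duplicate timestamps only; nothing to measure
        mad = median(abs(g - mid) for g in gaps)
        spread = mad / mid
        if spread <= max_spread:
            hits[pair] = (mid, round(spread, 3))
    return hits

if __name__ == "__main__":
    for (src, dst), (gap, spread) in find_beacons(SAMPLE_EVENTS).items():
        print(f"{src} -> {dst}: median gap {gap}s, spread {spread}")
```

Median-based statistics keep a few missed or delayed check-ins from hiding an otherwise regular timer; flagged pairs are leads for triage, since legitimate update checks and monitoring agents are also periodic.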
https://wikileaks.org/vault7/releases/#Imperial