WikiLeaks has now revealed a new set of tools allegedly used by the CIA in its cyber-operations. This time it is specifically aimed at shutting down operations cameras in order to allow its agents perform a series of missions without being caught on video.
It is called Dumbo and this set of tools can not only block cameras, microphones, and surveillance software, it can also scan for audio and video recordings, corrupting the files in a way which does not allow them to be recovered.
According to manuals published by WikiLeaks and last updated in June 2015 reveals that Dumbo reached version 3.0, offering support for all Windows versions on the market, starting with Windows XP, though 64-bit versions of this particular release is not supported.
“Dumbo is a capability to suspend processes utilizing webcams and corrupt any video recordings that could compromise a PAG deployment. The PAG (Physical Access Group) is a special branch within the CCI (Center for Cyber Intelligence); its task is to gain and exploit physical access to target computers in CIA field operations,” WikiLeaks says.
It is however important to note that Dumbo requires physical access to the target computer, as the application is being launched from a USB stick that needs to be plugged in. Furthermore, administrator access is also needed to compromise the surveillance software which we have learnt from WikiLeaks revelations that obtaining root privileges is something an agency can do easily.
Once connected, Dumbo compromises the system which shuts down surveillance devices and software. It also looks for additional devices which could be a part of the network, specific processes and recordings which could be corrupted or delete them completely.
If this does not work, CIA agents can cause a BSOD on the connected Windows system which could knock the whole ecosystem down and the surveillance cameras useless....