SSH inventor analyzes tools the CIA wrote to exploit his protocol
The CIA hacking tools called Gyrfalcon and BothanSpy, as described in documents released by anti-secrecy group WikiLeaks, are “effective, but surprisingly unsophisticated,” according to Tatu Ylonen. And he should know — he invented the security protocol they exploit. In a blog post he published Wednesday, Ylonen — inventor of the Secure Shell or SSH security protocol — analyzes the descriptions of the tools provided by WikiLeaks. The group, which has not released the source code for the exploits, published classified “user guides” for the two tools earlier in July as part of a trove of stolen documentation about CIA hacking tools they’ve dubbed Vault 7. “From the [documents], it is easy to figure out how they work,” Ylonen told CyberScoop of the exploits, which are designed to let hackers move around an IT network once they’ve compromised a single machine. In an interview, he speculated they probably would have taken “a few weeks of work” to develop, […]
The post SSH inventor analyzes tools the CIA wrote to exploit his protocol appeared first on Cyberscoop.
Continue reading SSH inventor analyzes tools the CIA wrote to exploit his protocol