Dumbo is a Windows tool that can shut down cameras

Aug 4, 2017 04:55 GMT

WikiLeaks has revealed a new set of tools allegedly used by the CIA in its cyber-operations, this time specifically aimed at shutting down surveillance cameras in order to allow its agents to perform a series of missions without being caught on video.

Called Dumbo, this set of tools can not only block cameras, microphones, and surveillance software, but it can also scan for audio and video recordings, corrupting the files in a way that does not allow them to be recovered.

Manuals published by WikiLeaks and last updated in June 2015 reveal that Dumbo reached version 3.0, offering support for all Windows versions on the market, starting with Windows XP, though 64-bit versions of this particular release are not supported.

“Dumbo is a capability to suspend processes utilizing webcams and corrupt any video recordings that could compromise a PAG deployment. The PAG (Physical Access Group) is a special branch within the CCI (Center for Cyber Intelligence); its task is to gain and exploit physical access to target computers in CIA field operations,” WikiLeaks says.

Physical access to systems needed

What’s important to note is that, unlike the other malware and hacking tools used by the CIA, Dumbo requires physical access to the target computer, as the application is launched from a USB stick that needs to be plugged in. Furthermore, administrator access is required to compromise the surveillance software, though from the previous WikiLeaks revelations we’ve learned that obtaining root privileges is something that the agency can easily do.

Once a system is compromised, Dumbo offers tools to shut down connected surveillance devices and software, but it also looks for additional devices that are part of a network. It searches for specific processes and recordings, eventually offering controls to corrupt found files or delete them completely.

If disabling the surveillance system does not work, CIA agents can cause a BSOD on the connected Windows system, thus knocking it offline and rendering the surveillance cameras useless.