This site may earn affiliate commissions from the links on this page. Terms of use.

WiFi Hotspot

A cache of CIA hacking and data gathering tools have been leaking online lately via in infamous WikiLeaks. Many of the documents detail complex and novel methods for infiltrating computer networks and mobile devices. Microsoft fifty-fifty had to patch the aged Windows XP recently in response to a CIA leak. The latest CIA tool revealed online is rather straightforward — malware that tracks a device'southward physical location. Nevertheless, it doesn't need GPS, just Wi-Fi.

The CIA'south location tracker is known internally as ELSA, and appears to exist limited to Windows systems. The leaked documents engagement from 2013 and focus on using ELSA on Windows 7. According to experts who have examined the documents, the technique is simple enough information technology could exist adapted for any Windows release. The CIA simply needs a fashion to get the logger installed on the target arrangement.

Using Wi-Fi to runway devices isn't something the CIA invented. In fact, your phone probably does this correct now. Both Microsoft and Google operate databases of public Wi-Fi hotspots around the world. When a device sees certain hotspots (identified by SSID, signal force, and MAC accost), information technology's possible to effigy out approximately where it is without accessing GPS. This is helpful to the CIA because virtually computers don't have GPS built-in, just information technology'southward easier to get malware installed on them.

The CIA operative tasked with installing ELSA uses a tool called "PATCHER Wizard" to generate a DLL file. They simply accept to set variables for 32-bit versus 64-scrap systems, Google or Microsoft geolocation providers, maximum log file size, and so on. Delivering the DLL to a target machine will probably require the use of other pieces of malware in the CIA's arsenal, though.

elsa

ELSA volition operate even if the user is not continued to a Wi-Fi network. As long as the Wi-Fi radio is on, information technology can log which networks are in range. All that data is saved in a local log file with 128-bit AES encryption. When the target connects to the internet, that file is uploaded to the CIA operative for decryption and analysis.

The third-party Wi-Fi AP databases from Google and Microsoft take public APIs for browsers and other pieces of software. But there's nothing stopping the CIA and others from using them for nefarious purposes. In fact, both these databases have get more robust since 2013. The tracking would be considerably more authentic if the CIA is still using ELSA or something like it.

At present read: Best means to stay bearding and protect your online privacy