What is the CIA’s OutlawCountry Hacking Tool?

No one will be surprised to learn the CIA has quite a few hacking tools in its arsenal. Although Windows is the dominant computer operating system in the world, the intelligence agency created at least one malware tool to infiltrate Linux systems. OutlawCountry, as this tool is known, has been around since June of 2015. This malware can route traffic from a Linux machine to any chosen destination.

OutlawCountry is a Very Potent Linux Malware

WikiLeaks has made yet another disturbing revelation regarding US intelligence agencies. The CIA has been dabbling in malware creation as well, just like the NSA has. That in itself is no real surprise, but it goes to show there are a lot of more security vulnerabilities out there than most people are aware of. OutlawCountry is a particular problem, as it is designed to specifically target Linux systems.

To be more precise, OutlawCountry uses a kernel module for Linux 2.6 which allows CIA staffers to reroute the machine’s traffic to any destination on the Internet. That is quite a significant development, as many people assumed Linux is far more secure than Windows and other operating systems when it comes to these types of threats. That does not appear to be the case any longer, which will keep some sysadmins up at night over the coming weeks.

Installing OutlawCountry onto a Linux machine is not easy, as it requires root privileges and shell access. This means the CIA – or anyone else using this malware – needs to compromise target systems through other means initially. It is certainly possible criminals have used this malware as well. Just because they are developed by a law enforcement agency does not exclude others from gaining access to this information.

On paper, OutlawCountry is a perfect tool to spy on any Linux system in the world. It seemingly affects both servers and desktop installations, which means no Linux user is safe from harm. The CIA – or other interested parties – can snoop on internet traffic by redirecting the system’s traffic to a server under their control. Although not everyone may be overly concerned about this, OutlawCountry can be used for far more nefarious purposes as well. If the malware is ever installed on a server, it can snoop on all connected users’ internet habits at once.

Clearly, WikiLeaks is not done exposing the CIA and other government agencies just yet. Over the past few months, we have seen multiple hacking tools’ manuals published. For some reason, all of these intelligence agencies have spent a lot of time developing hacking tools for Windows and Linux, without ever clarifying why they would need such tools in the first place.

For the time being, no one knows exactly if and when OutlawCountry may have been used for CIA operations. Now that the user manual is leaked, nefarious developers may try to engineer hacking tools with similar functionality. If that were to happen, things are not looking good for anyone using Linux as their operating system. Only time will tell if we’ll hear more about OutlawCountry in the future.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.