Brutal Kangaroo

WikiLeaks

Today, June 22nd 2017, WikiLeaks publishes documents from the Brutal Kangaroo project of the CIA. Brutal Kangaroo is a tool suite for Microsoft Windows that targets closed networks by air gap jumping using thumbdrives. Brutal Kangaroo components create a custom covert network within the target closed network and provide functionality for executing surveys, directory listings, and arbitrary executables.

The documents describe how a CIA operation can infiltrate a closed network (or a single air-gapped computer) within an organization or enterprise without direct access. It first infects an Internet-connected computer within the organization (referred to as "primary host") and installs the BrutalKangaroo malware on it. When a user is using the primary host and inserts a USB stick into it, the thumbdrive itself is infected with a separate malware. If this thumbdrive is used to copy data between the closed network and the LAN/WAN, the user will sooner or later plug the USB disk into a computer on the closed network. When the USB drive is browsed with Windows Explorer on such a protected computer, that computer is also infected with exfiltration/survey malware. If multiple computers on the closed network are under CIA control, they form a covert network to coordinate tasks and data exchange. Although not explicitly stated in the documents, this method of compromising closed networks is very similar to how Stuxnet worked.

The Brutal Kangaroo project consists of the following components: Drifting Deadline is the thumbdrive infection tool; Shattered Assurance is a server tool that handles automated infection of thumbdrives (as the primary mode of propagation for the Brutal Kangaroo suite); Broken Promise is the Brutal Kangaroo postprocessor (to evaluate collected information); and Shadow is the primary persistence mechanism (a stage 2 tool that is distributed across a closed network and acts as a covert command-and-control network; once multiple Shadow instances are installed and share drives, tasking and payloads can be sent back and forth).

The primary execution vector used by infected thumbdrives is a vulnerability in the Microsoft Windows operating system that can be exploited by hand-crafted link files that load and execute programs (DLLs) without user interaction. Older versions of the tool suite used a mechanism called EZCheese that was a 0-day exploit until March 2015; newer versions seem to use a similar, but as yet unknown, link file vulnerability (Lachesis/RiverJack) related to the library-ms functionality of the operating system.
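A defensive check for the vector described above, as an added example that is not taken from the WikiLeaks documents or this post: it inventories shell link and library files on a mounted removable drive by content signature, so transfer media can be reviewed before it is browsed in Windows Explorer. The function names, the kind labels and the sample tree are assumptions made for this illustration.

```python
import tempfile
from pathlib import Path

# MS-SHLLINK header: HeaderSize 0x4C, then LinkCLSID
# 00021401-0000-0000-C000-000000000046 in GUID byte order.
LNK_MAGIC = bytes.fromhex("4c000000" "0114020000000000c000000000000046")
LIBRARY_MARKER = b"libraryDescription"  # root element of library-ms XML


def classify(path):
    """Classify one file by content first, then by extension."""
    with open(path, "rb") as fh:
        head = fh.read(4096)
    ext = path.suffix.lower()
    if head.startswith(LNK_MAGIC):
        return "shell-link" if ext == ".lnk" else "shell-link-odd-ext"
    # Dropping NUL bytes lets the marker match UTF-16 encoded XML too.
    if LIBRARY_MARKER in head.replace(b"\x00", b""):
        return "library-ms"
    if ext in (".lnk", ".library-ms"):
        return "named-only"  # extension claims a link, content does not match
    return None


def scan_drive(root):
    """Return sorted (relative path, kind) pairs for every hit under root."""
    root = Path(root)
    hits = []
    for path in root.rglob("*"):
        kind = classify(path) if path.is_file() else None
        if kind:
            hits.append((path.relative_to(root).as_posix(), kind))
    return sorted(hits)


def demo():
    samples = {  # constructed sample tree standing in for a thumbdrive
        "docs/report.txt": b"quarterly numbers\n",
        "docs/photo.jpg": LNK_MAGIC + b"\x00" * 56,
        "shortcut.lnk": LNK_MAGIC + b"\x00" * 56,
        "Shared.library-ms": b'<?xml version="1.0"?><libraryDescription/>',
        "empty.lnk": b"",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, data in samples.items():
            target = Path(root, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(data)
        return scan_drive(root)
```

On media that is only meant to carry data files, any hit from `scan_drive` is worth reviewing; the scan reads file headers only and never resolves or opens a link target.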
