WikiLeaks has released details about two malware frameworks which it says were designed by the CIA, as part of its Vault 7 document dump.
The whistle-blower organisation started releasing the Vault 7 documents on 7 March.
The latest documents, named AfterMidnight and Assassin, are both for the Windows platform.
AfterMidnight allows the user to dynamically load and execute malware on a target machine, according to a WikiLeaks statement.
{loadposition sam08}The main controller is disguised as a dynamic link library and offers secure execution of malware through a secure listening post system known as Octopus.
"Once installed on a target machine AfterMidnight will call back to a configured listening post on a configurable schedule, checking to see if there is a new plan for it to execute," the WikiLeaks statement said.
"If there is, it downloads and stores all needed components before loading all new gremlins in memory.
"Gremlins are small AfterMidnight payloads that are meant to run hidden on the target and either subvert the functionality of targeted software, survey the target (including data exfiltration) or provide internal services for other gremlins."
The other document released deals with Assassin, an automated implant that provides a simple collection platform on remote computers running Windows.