Pandemic, ever heard of it? No, still no? So, just in case if you are a Windows User, you must read this blog very carefully as in USA, a CIA Tool named as Pandemic has hacked millions of Windows Computers and it might not take any time to hack even yours. So, just calm yourselves down and patiently listen to us about this, maybe you would get a lot of help:
What is Pandemic?
Pandemic is a tool which is run as kernel shellcode to install a file system filter driver, a leaked CIA manual reads. The filter will 'replace' a target file with the given payload file when a remote user accesses the file via SMB (read-only, not write).
According to WikiLeaks, Pandemic infect networks of Windows computers through the Server Message Block (SMB) file sharing protocol by replacing application code on-the-fly with a trojanized version of the software.
How Pandemic Tool works and hacks over Network?
This might not look very realistic but the truth is Pandemic turns File Server into Patient Zero, Once compromised, the infected Windows file server acts as a "Patient Zero" – the first identified carrier of any communicable disease during an outbreak – which is then used to deliver infections on machines inside the network.
Now, whenever any targeted computer attempts to access a file on the compromised server, Pandemic intercepts the SMB request and secretly delivers a malicious version of the requested file, which is then executed by the targeted computer.
How much Pandemic could affect your system?
According to the user manual, Pandemic takes only 15 seconds to be installed on a target machine and can replace up to 20 legitimate files (both 32-bit and 64-bit files) at a time with a maximum file size of 800MB.
Why it is named as Pandemic?
Since the tool has been specifically designed to infect corporate file sharing servers and turns them into a secret carrier for delivering malware to other persons on the target network, it has been named Pandemic. However, the leaked documents do not explain precisely how Pandemic gets installed on a targeted file server.
Former National Security Agency (NSA) employee Jake Williams also questioned whether the leaked documents by the whistleblower group required to take advantage of the Pandemic tool had been released.
What Pandemic could do to your System?
The spyware has been designed to take full control over the infected Windows PCs remotely, allowing the CIA to perform all sorts of things on the target system, including deleting data or uploading malicious software and stealing data.