
The following information was obtained from different cyber security sources for notification to all parties concerned pursuant to the mandate of the Philippine National Police Anti-Cybercrime Group (PNP ACG).

The information provided was classified as Restricted pursuant to PNP Regulation 200-012 on Document Security, and its Impact Rating as High based on the PNP Information Communication Technology (ICT) Security Manual s.2010-01, p. 22 and p. 129.


SUMMARY

Athena is a spyware that targets all Windows versions from XP to Windows 10. It has been designed to take full control of infected Windows PCs remotely, allowing the Central Intelligence Agency (CIA) to perform all sorts of actions on the target machine, including deleting data, uploading malicious software, and stealing data and allegedly sending it to a CIA server.

The spyware Athena has the ability to allow others to modify the computer configuration in real time. Once it is installed on a machine, the malware provides a beaconing capability, including configuration and task handling, the memory loading/unloading of malicious payloads for specific tasks, and the delivery and retrieval of files to/from a specified directory on the target system. Once it is on the device, it is capable of recording online and offline transactions, including email addresses, usernames, passwords, transaction payment details and other pertinent information.

Athena spyware is highly dangerous. It can monitor all your activities, and the data collected may be used for shady business. It can terminate or execute processes, so it is capable of downloading malware onto your machine. If Athena has managed to record sensitive data, it may be used by hackers to blackmail or harass you. It may even flood you with ad-banners and blinking pop-up windows advertising items, ad-free websites and discount coupons which may ruin your browsing experience. Athena can make changes to your registry.

RECOMMENDATION

PNP personnel and the public are advised to follow the best practices listed below to prevent cross-site scripting vulnerability:

• Always update your operating system as well as your anti-virus software;
• Ensure that anti-virus solutions are set to automatically conduct scanning; and
• Never open emails from unknown senders. Check the sender’s contact details before opening an email.

For additional information, please refer to the following websites:

http://thehackernews.com/2017/05/athena-cia-windows-hacking.html?m=1
https://www.linkedin.com/pulse/wikileaks-reveals-athena-cia-spying-program-targeting-nuno-henriques
https://www.youtube.com/watch?v=8xY5Y-HQmrs

POINT OF CONTACT

Please contact CSRAD, PNP ACG for any inquiries related to this CYBER SECURITY BULLETIN, or call 7230401 local 5337.