WikiLeaks: CIA’s CouchPotato Tool Remotely Collects Video Streams

August 11th, 2017 | By Carolina | Security, Malware, Surveillance, Technology News, WikiLeaks

WikiLeaks has released yet another CIA hacking tool as part of its Vault 7 series of documents belonging to the American Central Intelligence Agency (CIA). This time, the whistleblowing platform has leaked the “User Guide for the CouchPotato project”, a tool whose job is to hack and obtain RTSP/H.264 video streams and still images remotely.


CouchPotato differs from the Dumbo project, details of which WikiLeaks released earlier. With Dumbo, the CIA needs physical access to hack webcams on a targeted device, whereas in CouchPotato’s case everything is done remotely.

According to the leaked documents:

“CouchPotato is a remote tool for collection against RTSP/H.264 video streams. It provides the ability to collect either the stream as a video file (AVI) or capture still images (JPG) of frames from the stream that is of significant change from a previously captured frame. CouchPotato utilizes FFmpeg for video and image encoding and decoding as well as RTSP connectivity. In order to minimize the size of the DLL binary, many of the audio and video codecs along with other unnecessary features have been removed from the version of FFmpeg that CouchPotato is built with. pHash, an image hashing algorithm, has been incorporated into FFmpeg’s image2 demuxer to provide image change detection capabilities. CouchPotato relies on being launched in an ICE v3 Fire and Collect compatible loader.”

CouchPotato’s 11-page user guide is dated February 2014 and shows that the tool is built on FFmpeg, a free software project that produces libraries and programs for handling multimedia data. The agency uses the software for video and image encoding and decoding as well as RTSP connectivity.


The documents cover only CouchPotato version 1.0, so it is unclear whether a version 2 exists. However, the tool uses a massive amount of CPU on a targeted device, which could make the victim somewhat suspicious.


According to the user guide’s page 11:

“CPU usage of the process that CouchPotato is injected into can potentially be high depending on the number CPUs/Cores available. In development and testing, it was observed that on a Windows 7 64-bit VM allocated just one CPU core, the process that CouchPotato was injected into was using between 50-70% of available CPU while capturing images of significant change. Memory usage was between 45-50MB.”

Like previous CIA tools released by WikiLeaks, CouchPotato targets devices running the Windows operating system.
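
From a monitoring standpoint, the behaviour described above (a process that is not a video client pulling RTSP streams) shows up in per-process connection logs. The following is an added example, not part of the original article or the leaked guide; the CSV log format, host and process names, the allowlist, the alternate port and the byte threshold are all constructed assumptions.

```python
import csv
import io
from collections import defaultdict

# Assumption: 554/tcp is the registered RTSP port; 8554 is a common alternate.
RTSP_PORTS = {554, 8554}

# Assumption: (host, process) pairs that are expected to pull camera streams.
APPROVED_CLIENTS = {("nvr01", "nvr-service.exe")}

# Constructed sample of per-process connection records (not real telemetry).
SAMPLE_LOG = """ts,host,process,dst_ip,dst_port,bytes_in
2017-08-11T09:00:02Z,nvr01,nvr-service.exe,10.20.0.11,554,52000000
2017-08-11T09:03:40Z,ws-114,svchost.exe,10.20.0.11,554,8400000
2017-08-11T09:19:05Z,ws-114,svchost.exe,10.20.0.11,554,9100000
2017-08-11T09:20:11Z,ws-114,chrome.exe,203.0.113.10,443,120000
2017-08-11T09:41:30Z,ws-207,vlc.exe,10.20.0.12,554,300000
"""


def find_unexpected_rtsp(log_text, approved=APPROVED_CLIENTS, min_bytes=1_000_000):
    """Return RTSP consumers that are not approved and pulled >= min_bytes."""
    totals = defaultdict(lambda: {"sessions": 0, "bytes_in": 0, "cameras": set()})
    for row in csv.DictReader(io.StringIO(log_text)):
        if int(row["dst_port"]) not in RTSP_PORTS:
            continue  # not RTSP traffic
        key = (row["host"], row["process"].lower())
        if key in approved:
            continue  # expected video client
        entry = totals[key]
        entry["sessions"] += 1
        entry["bytes_in"] += int(row["bytes_in"])
        entry["cameras"].add(row["dst_ip"])

    alerts = []
    for (host, process), entry in sorted(totals.items()):
        if entry["bytes_in"] >= min_bytes:  # ignore brief, low-volume sessions
            alerts.append({"host": host, "process": process,
                           "sessions": entry["sessions"],
                           "bytes_in": entry["bytes_in"],
                           "cameras": sorted(entry["cameras"])})
    return alerts


if __name__ == "__main__":
    for alert in find_unexpected_rtsp(SAMPLE_LOG):
        print(alert)
```
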

Vault 7 documents previously leaked by Wikileaks:

BothanSpy and Gyrfalcon: Steals SSH credentials from Linux & Windows devices
OutlawCountry and Elsa: Malware targeting Linux devices and tracking user geolocation
Brutal Kangaroo: CIA hacking tools for hacking air-gapped PCs
Cherry Blossom: CherryBlossom & CherryBomb: Infecting WiFi routers for years
Pandemic: A malware hacking Windows devices
AfterMidnight and Assassin: CIA remote control & subversion malware hacking Windows
Dark Matter: CIA hacking tool infiltrating iPhones and MacBooks
Athena: A malware targeting Windows operating system
Archimedes: A program helping CIA to hack computers inside a Local Area Network
HIVE: CIA implants to transfer exfiltrated information from target machines
Grasshopper: Malware payloads for Microsoft Windows operating systems
Marble: A framework used to hamper antivirus companies from attributing malware
Dark Matter: A CIA project that infects Apple Mac firmware
Highrise: An Android malware that spies on SMS messages
Aeris, Achilles, SeaPea: 3 malware developed by CIA targeting Linux and macOS
Dumbo Project: CIA’s project hijacking webcams and microphones on Windows devices.

Carolina works for HackRead as a technical writer. She is a Brazilian traveller who has been to almost every country around the world. She has a keen interest in technology, gadgets and social media.

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.
