The CIA has their own WiFi-based geo-location hack for Windows

Reading time icon 2 min. read


Readers help support MSpoweruser. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more

The latest WikiLeaks revelation includes an interesting one revealing one of the CIA’s tricks of the trade.

According to the WikiLeaks since 2013 the CIA had a tool called ELSA which would check the identity of the WIFI networks surrounding your laptop and use that to locate your device geographically, using public WIFI network location database held by Microsoft and Google.

The tool would, of course, require your PC to be hacked already, which means the CIA could do just about anything else, but this particular technique has a number of advantages, including that your PC would not even need to be connected to the internet, does not need GPS hardware, and that the public WIFI-based location database has only become more accurate in time.  ELSA would store the location in a log for later retrieval.

ELSA was designed for Windows 7, but of course, on Windows 10 it would simply need to request your location from the OS, which uses the same technique.

On the other hand, that would raise a permission prompt for the user to approve, which is probably not the CIA’s style.

Unlike EternalBlue and other major exploits leaks recently, I suspect hackers will not be adopting this tool for their next ransomware attack, making this make akin to the shoe phone than a lost missile.

You can read ELSA’s manual at WikiLeaks here.

User forum

0 messages