
WikiLeaks – Releases Code that Could Unmask CIA Hacking Operations

Up until this week, WikiLeaks’ “Vault 7” releases of files from a Central Intelligence Agency software development server have largely consisted of documentation for the various malware projects the CIA’s Engineering Development Group created to aid the agency’s mission.

This week's release is a repository of code for the CIA EDG's obfuscation tools, called Marble. The tools were used to conceal the signature of the implants developed by the CIA from malware scans, to make the implants more difficult to reverse-engineer if they were detected, and to make it harder to figure out where the malware came from.


University of California at Berkeley computer security researcher Nicholas Weaver told the Washington Post’s Ellen Nakashima, “This appears to be one of the most technically damaging leaks ever done by WikiLeaks, as it seems designed to directly disrupt ongoing CIA operations.”

The characters in the sets included with the code appear to be mostly gibberish placeholder text (even including “Lorem ipsum” in Western characters in some cases), so they were either meant to be substituted in small chunks for strings that would give away that the code was written in the US, or were supposed to be replaced with custom text before building for a specific project.

The material includes the secret source code of an “obfuscation” technique used by the CIA so its malware can evade detection by anti-virus systems. The technique is used by all professional hackers, whether they work for the National Security Agency, Moscow’s FSB security agency or the Chinese military. But because the code contains a specific algorithm — a digital fingerprint of sorts — it can now be used to identify CIA hacking operations that had previously been detected but not attributed.

“It’s one thing to say, ‘I got hacked.’ It’s another thing to say, ‘I got hacked by the CIA,’ ” said Jake Williams, founder of Rendition InfoSec, a cybersecurity firm. “I suspect this could cause some foreign policy issues down the road.”

If this source code is used in a majority of CIA hacking operations, Williams said, the release could be “devastating.”

WikiLeaks, founded by Julian Assange, has sought to position itself as a champion of transparency and defender of privacy rights. It described the Marble Framework as “the digital equivalent of a specialized CIA tool to place covers over the English language text on U.S. produced weapons systems before giving them to insurgents secretly backed by the CIA.”

The agency responded angrily.

“Dictators and terrorists have no better friend in the world than Julian Assange, as theirs is the only privacy he protects,” spokesman Dean Boyd said, without commenting on the authenticity of the release.

“The American public should be deeply troubled by any WikiLeaks disclosure designed to damage the intelligence community’s ability to protect America against terrorists and other adversaries,” Boyd said. “Such disclosures not only jeopardize U.S. personnel and operations but also equip our adversaries with tools and information to do us harm.”

Leaked documents published by WikiLeaks: https://wikileaks.org/vault7/document/Marble/

References:

https://arstechnica.com

https://www.washingtonpost.com

https://wikileaks.org

 
