CIA Headquarters Podium

WikiLeaks: How the CIA Disguises Its Hacking to Appear to Be Foreign

Share:

Friday morning, WikiLeaks released the third of its “Vault 7” data and document dumps related to CIA hacking.

This latest drop, codenamed “Marble,” features 676 source code files for the CIA’s secret anti-forensic Marble Framework, which was used to hamper forensic investigators and anti-virus companies from attributing viruses, Trojans and hacking attacks to the CIA. It did this by hiding fragments of text used in its malware from visual inspection.

“This is the digital equivalent of a specialized CIA tool to place covers over the English-language text on U.S.-produced weapons systems before giving them to insurgents secretly backed by the CIA,” the anti-secrecy group stated in a press release announcing the drop. “Marble forms part of the CIA’s anti-forensics approach and the CIA’s Core Library of malware code. It is ‘[D]esigned to allow for flexible and easy-to-use obfuscation” as “string obfuscation algorithms (especially those that are unique) are often used to link malware to a specific developer or development shop.'”

WikiLeaks claims the Marble source code also includes a “deobfuscator” to reverse the hidden text. This, along with other revealed techniques, patterns and signatures, can be used by forensic investigators to correctly attribute previous hacking attacks and viruses to the CIA.

According to the group’s statement, the U.S. spy agency can make the attacks appear to be Russian, Chinese, North Korean, Saudi Arabian or Iranian.

“This would permit a forensic attribution double game, for example by pretending that the spoken language of the malware creator was not American English, but Chinese, but then showing attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion, but there are other possibilities, such as hiding fake error messages,” it stated. “The Marble Framework is used for obfuscation only and does not contain any vulnerabilties or exploits by itself.”

This latest release follows the group’s second release, codenamed “Dark Matter,” by a little more than a week. In that statement, the group exposed how the CIA has infected Apple Mac firmware used on both computers and smartphones since at least 2008. {eoa}

Share:

Leave a Reply


More Spiritual Content
Pope Francis Appoints Pro-LGBTQ Preacher
Keeping It Holy When You Disagree
Greg Locke Burns Voodoo Doll Found on Property: ‘Your Witchcraft Will Not Work’
Is Joe Biden Trying to Start World War 3?
UFC Champ Jon Jones Astonishes the World…with Jesus
18 States Back Middle Schooler’s Supreme Court Bid Over 2 Genders T-Shirt Case
Archaeologist Makes Shocking $2 Million Discovery
Celebrities Admitting to Witchcraft Practice
Morning Rundown: This Is Why Trump’s Appointments Will Not Be Blocked
It’s Time: Diving Deeper in the Holy Spirit
previous arrow
next arrow
Shadow

Most Popular Posts

Latest Videos
76.4K Subscribers
994 Videos
7.6M Views
Share