Your browser does not support the HTML5 canvas tag.
Εγχειρίδιο χειρισμού κρίσεων λόγω πολιτικών ΔΝΤ από τη CIA! / Already confirmed: Civil liberties under attack! / Greece's creditors gone completely insane! / How the global financial mafia sucked Greece's blood / ECB's economic hitmen / Η Μέρκελ επιβεβαιώνει τα σχέδια των γραφειοφασιστών! /Greece: the low-noise collapse of an entire country/ How the neoliberal establishment tricked the masses again, this time in France / Ενώ η Γερμανία προετοιμάζεται για τα χειρότερα, η Ελλάδα επιμένει στο ευρώ! / Ένας παγκόσμιος "proxy" πόλεμος κατά της ελευθερίας έχει ξεκινήσει! / McCarthyism 2.0 against the independent information / Ο επικεφαλής του "σκιώδους συμβουλίου" της ΕΚΤ επιβεβαιώνει ότι η ευρωζώνη είναι μια χρηματοπιστωτική δικτατορία! / Venezuela case as an emphatic example of why the mainstream media propaganda in the West was so successful in previous decades / Δημοψήφισμα για Grexit: η τελευταία ευκαιρία να σωθεί η Ελλάδα και η τιμή της Αριστεράς / Populism as the new cliche of the elites to stigmatize anyone not aligned with the establishment / Δεν γίνεται έτσι "σύντροφοι" ... / Panama Papers: When mainstream information wears the anti-establishment mask / The Secret Bank Bailout / The head of the ECB “shadow council” confirms that eurozone is a financial dictatorship! / A documentary by Paul Mason about the financial coup in Greece / The ruthless neo-colonialists of 21st century / First cracks to the establishment by the American people / Clinton emails - The race of the Western neo-colonialist vultures over the Libyan corpse / Επιχείρηση Panama Papers: Το κατεστημένο θέλει το μονοπώλιο και στις διαρροές; / Operation "looting of Greece" reaches final stage / Varoufakis describes how Merkel sacrificed Greece to save the Franco-German banks / France officialy enters the neo-Feudal era! / The US establishment just gave its greatest performance so far ... / A significant revelation by WikiLeaks that the media almost ignored / It's official: the US is funding Middle-East jihadists! / Οι αδίστακτοι νεο-αποικιοκράτες του 21ου αιώνα / How to handle political unrest caused by IMF policies! / Πώς το νεοφιλελεύθερο κατεστημένο ξεγέλασε τις μάζες, αυτή τη φορά στη Γαλλία / Οι Γάλλοι νεοαποικιοκράτες επιστρέφουν στην Ελλάδα υπό 'ιδανικές' συνθήκες

01 April, 2017

Marble Framework

WikiLeaks

Today, March 31st 2017, WikiLeaks releases Vault 7 "Marble" -- 676 source code files for the CIA's secret anti-forensic Marble Framework. Marble is used to hamper forensic investigators and anti-virus companies from attributing viruses, trojans and hacking attacks to the CIA.

Marble does this by hiding ("obfuscating") text fragments used in CIA malware from visual inspection. This is the digital equivallent of a specalized CIA tool to place covers over the english language text on U.S. produced weapons systems before giving them to insurgents secretly backed by the CIA.

Marble forms part of the CIA's anti-forensics approach and the CIA's Core Library of malware code. It is "[D]esigned to allow for flexible and easy-to-use obfuscation" as "string obfuscation algorithms (especially those that are unique) are often used to link malware to a specific developer or development shop."

The Marble source code also includes a deobfuscator to reverse CIA text obfuscation. Combined with the revealed obfuscation techniques, a pattern or signature emerges which can assist forensic investigators attribute previous hacking attacks and viruses to the CIA. Marble was in use at the CIA during 2016. It reached 1.0 in 2015.

The source code shows that Marble has test examples not just in English but also in Chinese, Russian, Korean, Arabic and Farsi. This would permit a forensic attribution double game, for example by pretending that the spoken language of the malware creator was not American English, but Chinese, but then showing attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion, --- but there are other possibilities, such as hiding fake error messages.

The Marble Framework is used for obfuscation only and does not contain any vulnerabilties or exploits by itself.

Source and leaked documents:

No comments:

Post a Comment