
The CIA’s top secret virus control system

Early Friday morning, Wikileaks released its fifth batch of Vault 7 documents exposing the U.S. Central Intelligence Agency’s hacking techniques. The latest release, titled “Hive,” exposes the agency’s multi-platform malware suite, which allows the CIA to monitor targets via malware and to carry out specific tasks on compromised machines.

Hive is said to provide customizable implants for a variety of operating systems for distinct types of devices, not just computers, tablets, and phones. The platforms vulnerable to Hive include Linux, Windows, Solaris, MikroTik (used in Internet routers), and AVTech Network Video Recorders (often used in CCTV recording). First released in 2010, Hive is essentially an “implant” that functions as both a beacon and shell, giving CIA hackers a foothold in devices from which they can deploy any number of other tools, such as those detailed in previous releases.

Wikileaks has described Hive’s function as a “back-end infrastructure malware” that uses public HTTPS interfaces which provide “unsuspicious-looking cover domains” to hide its presence on infected devices. Each of those domains is linked to an IP address at a commercial Virtual Private Server (VPS) provider, which forwards all incoming traffic to what is termed a “Blot” server. All re-directed traffic is then examined by CIA hackers to see if it contains a valid beacon. If it does, the traffic goes to a tool handler, called Honeycomb in the released documents, and the CIA then begins initiating other actions on the target computer. The released user guide shows that Hive allows for the uploading and deleting of files as well as the execution of applications on the device.

Unlike some other Vault 7 tools, which can persist indefinitely on targeted devices, Hive comes with a “self-delete” function that allows the malware to destroy itself if it receives no signal from the CIA for a set amount of time. The self-deletion leaves behind only a log and configuration file, containing only a time-stamp. Apparently this feature posed difficulties for CIA developers, as the self-deletion can “be problematic due to the inability to accurately assess the reliability of the host’s system clock,” according to the Hive Developers Guide.

Wikileaks noted that anti-virus companies and forensic experts had previously noticed malware, potentially originating from a state actor, that utilized the same kind of back-end infrastructure that Hive employs. Through the analysis of the communication between specific implants, these experts and software companies were able to determine that the malware came from a “well-resourced organization which was involved in intelligence gathering operations.”

However, they had been unable to attribute the back-end or the implants to the CIA, though Wikileaks’ release of Hive may change that. Indeed, Wikileaks noted in its press release that “The documents from this publication might further enable anti-malware researchers and forensic experts to analyse this kind of communication between malware implants and back-end servers used in previous illegal activities.”

Wikileaks’ latest release comes on the heels of CIA director Mike Pompeo’s aggressive statements against the transparency organization, in which he labeled it a “non-state hostile intelligence service.” He also condemned Wikileaks’ editor-in-chief, Julian Assange, for making “common cause with dictators.” While other CIA directors have targeted both Wikileaks and Assange in the past, Wikileaks’ now five releases of top secret CIA hacking tools may have prompted an escalation in Pompeo’s rhetoric. It remains to be seen if this rhetoric will translate into action, however.

Assange, for his part, doesn’t seem too concerned, choosing to respond with a witty retort that incisively pointed out the CIA’s lack of credibility in making such accusations:

