WikiLeaks has resumed its CIA leaks and it has now started publishing source code and other files associated with tools allegedly developed by the intelligence agency.
In March, WikiLeaks began publishing documentation files describing what appeared to be CIA hacking tools as part of a leak dubbed Vault 7. Roughly two dozen tools and projects were disclosed over the course of several months. Now, after a two-month break, WikiLeaks announced a new round of leaks dubbed Vault 8, which provides source code and analysis for CIA tools. The organization pointed out that, similar to Vault 7, Vault 8 will not expose any zero-day or other vulnerabilities that could be used for malicious purposes.Read more
Anyone relying on the CIA for tech support got a nasty surprise this morning, as documents published by Wikileaks revealed a secret project to siphon out data through its technical liaison service, dating back to 2009.
The program, called ExpressLane, is designed to be deployed alongside a biometric collection system that the CIA provides to partner agencies. In theory, those partners are agreeing to provide the CIA with access to specific biometric data — but on the off-chance those partners are holding out on them, ExpressLane gives the agency a way to take it without anyone knowing. ExpressLane masquerades as a software update.Read more
After disclosing CIA's strategies to hijack and manipulate webcams and microphones to corrupt or delete recordings, WikiLeaks has now published another Vault 7 leak, revealing CIA's ability to spy on video streams remotely in real-time.
Dubbed 'CouchPotato,' document leaked details how the CIA agents use a remote tool to stealthy collect video streams. CouchPotato gives CIA hackers ability to "collect either the stream as a video file (AVI) or capture still images (JPG) of frames from the stream that are of significant change from a previously captured frame," a leaked CIA manual reads.Read more
WikiLeaks said on Monday it had published a searchable archive of what it said was more than 21,000 verified emails associated with key figures in the election campaign of French President Emmanuel Macron.
The stolen data was originally dumped on the internet in May, on the eve of the run-off between Macron and far-right opponent Marine Le Pen. Within hours of the leak, Macron's staff had said it had been targeted by a "massive and coordinated" hacking operation. His Republic on the Move party said the mails published by WikiLeaks seemed to be the same as the ones leaked on May 5 and warned that fake documents were mixed with authentic ones.Read more
The CIA’s alleged ability to trojan an Apple OS disk image has been exposed in ‘Imperial,’ the latest release from WikiLeaks Vault 7 series. This new batch is made of three hacking exploits, ‘Achilles,’ ‘SeaPea’ and ‘Aeris.’
‘Achilles’ is detailed by WikiLeaks in a statement as producing one or more operators to access an OS X disk image, and execute operations one time. The OS X disk image contains the contents and structure of the device’s storage. Intel Core 2 Processor and OS X are required on the target's computer for ‘Achilles’ to operate. ‘Imperial’ is part of a series by the whistleblowers named ‘Vault 7’ which began in March and has seen releases from WikiLeaks on an almost weekly basis.Read more
As part of its ongoing Vault 7 leaks, the whistleblower organisation WikiLeaks today revealed about a CIA contractor responsible for analysing advanced malware and hacking techniques being used in the wild by cyber criminals.
According to the documents leaked by WikiLeaks, Raytheon Blackbird Technologies, the Central Intelligence Agency contractor, submitted nearly five such reports to CIA as part of UMBRAGE Component Library (UCL) project between November 2014 and September 2015. These reports contain brief analysis about proof-of-concept ideas and malware attack vectors.Read more
Wikileaks published another set of documents Thursday. The latest release of files purportedly from the U.S. Central Intelligence Agency (CIA) details a piece of malicious software for Android devices.
The malware, referred to as Highrise, can redirect or intercept text messages sent to a target’s phone, allowing a CIA agent to access it before it lands in the inbox of the person it was intended for. HighRise acts as a proxy server for text messages, bouncing the messages to internet “listening posts” that allow an agent to intercept them. While the malicious software provides the CIA with a powerful snooping tool, there is a major limitation to Highrise.Read more
WikiLeaks has today published the 15th batch of its ongoing Vault 7 leak, this time detailing two alleged CIA implants that allowed the agency to intercept and exfiltrate SSH (Secure Shell) credentials from targeted Windows and Linux operating systems using different attack vectors.
Secure Shell or SSH is a cryptographic network protocol used for remote login to machines and servers securely over an unsecured network. Dubbed BothanSpy — implant for Microsoft Windows Xshell client, and Gyrfalcon — targets the OpenSSH client on various distributions of Linux OS.Read more
WikiLeaks has just published a new batch of the ongoing Vault 7 leak, this time detailing an alleged CIA project that allowed the agency to hack and remotely spy on computers running the Linux operating systems.
Dubbed OutlawCountry, the project allows the CIA hackers to redirect all outbound network traffic on the targeted computer to CIA controlled computer systems for exfiltrate and infiltrate data. The OutlawCountry Linux hacking tool consists of a kernel module, which the CIA hackers load via shell access to the targeted system and create a hidden Netfilter table with an obscure name on a target Linux user.Read more
Purported CIA documents published by WikiLeaks reveal the US Central Intelligence Agency has been hacking wireless routers for years as part of its surveillance efforts.
The trove of documents released by the anti-privacy publication on Thursday details the CIA’s CherryBlossom project, in which the intelligence agency has compromised Wi-Fi routers in private homes, public spaces, businesses and enterprise environments in order to gather information about specific targets. The project comes from the CIA's elite hacking unit, the Engineering Development Group. The leaked files include installation guides, manuals and other documents.Read more