USA POLITICS: WikiLeaks Vault 7 ‘Hive’: Secret CIA Virus Control System Exposed

Politicoscope
By Politicoscope April 14, 2017 12:04

WikiLeaks has released ‘Hive’, the fifth installment in a series of leaks exposing alleged CIA hacking techniques known as ‘Vault 7’. The latest batch consists of six documents and details how the agency can use malware to monitor targets.

To hide the presence of such malware, WikiLeaks notes that the public HTTPS interface (a protocol for secure communication over a computer network within an encrypted connection) “utilizes unsuspicious-looking cover domains,” meaning those targeted would be unaware of the CIA’s interference.

WikiLeaks notes anti-virus companies and forensic experts have noticed “possible state-actor” malware using similar back-end infrastructure, but were unable to connect the back-end to CIA operations.

The Hive documents released Friday may allow experts to examine this kind of communication between malware implants and backend servers, WikiLeaks says. The CIA’s Hive project was created by its Embedded Development Branch (EDB). This branch was also responsible for projects detailed in WikiLeaks’ ‘Dark Matter’ leak, revealing the CIA’s attacks on Apple firmware. A 2015 User Guide reveals the initial release of Hive was in 2010, and describes the software implant as having two primary functions – a beacon and interactive shell. Both are designed to provide an initial foothold to deploy other “full featured tools.”

– RT

Hive: 14 April, 2017
Today, April 14th 2017, WikiLeaks publishes six documents from the CIA’s HIVE project created by its “Embedded Development Branch” (EDB).

HIVE is a back-end infrastructure malware with a public-facing HTTPS interface which is used by CIA implants to transfer exfiltrated information from target machines to the CIA and to receive commands from its operators to execute specific tasks on the targets.

HIVE is used across multiple malware implants and CIA operations. The public HTTPS interface utilizes unsuspicious-looking cover domains to hide its presence.

Anti-Virus companies and forensic experts have noticed that some possible state-actor malware used such kind of back-end infrastructure by analyzing the communication behaviour of these specific implants, but were unable to attribute the back-end (and therefore the implant itself) to operations run by the CIA. In a recent blog post by Symantec, that was able to attribute the “Longhorn” activities to the CIA based on the Vault 7, such back-end infrastructure is described:

For C&C servers, Longhorn typically configures a specific domain and IP address combination per target. The domains appear to be registered by the attackers; however they use privacy services to hide their real identity. The IP addresses are typically owned by legitimate companies offering virtual private server (VPS) or webhosting services.

The malware communicates with C&C servers over HTTPS using a custom underlying cryptographic protocol to protect communications from identification.

The documents from this publication might further enable anti-malware researchers and forensic experts to analyse this kind of communication between malware implants and back-end servers used in previous illegal activities.

WikiLeaks


