Category Archives: #VAULT7

– Wikileaks data dump of CIA resources and dirty tricks.

WikiLeaks Publishes New ‘Vault 7’ Exploits Tested on Older Macs Running Snow Leopard and Lion

In the Achilles user guide, it’s explained that the trojaned .dmg file would behave similarly to the original file, and that all of the operator’s intended executables would run the first time the app is launched. Afterwards, all traces of Achilles would be “removed securely” from the …

Source: http://ift.tt/2hgYcEX

#Vault7: CIA’s ‘Pandemic’ turns file servers into ‘Patient Zero’ | Galactic Connection

The latest WikiLeaks ‘Vault7’ release details an alleged CIA project allowing the spy agency to give file servers the capability to infect machines which access them remotely.

‘Pandemic’ reveals the role of a persistent implant for Microsoft Windows file servers, accessed by remote machines to run programs, according to a statement from WikiLeaks.

The project acts as a ‘Patient Zero’ – a term used to describe the first identified carrier of a communicable disease during an outbreak.

‘Pandemic’ disguises itself on the infected source machine where the targeted files remain unchanged.

It’s modified when in transit from the source file server to the remote machine. When executed on the new machine ‘Pandemic’ will install the program, an iteration of which will now contain modified code.

‘Pandemic’ can replace up to 20 programs, with a maximum size of 800MB.

According to WikiLeaks “a single computer on a local network with shared drives that’s infected with the ‘Pandemic’ implant will act like a ‘Patient Zero’ in the spread of a disease.” 

The latest release, which consists of five files, does not make clear if the infected machines become new pandemic servers, although WikiLeaks claims this is technically feasible.

According to the ‘Pandemic’ documentation, its installation takes between 10 and 15 seconds.

The release is the latest in WikiLeaks’ ‘Vault7’ series, detailing hacking techniques allegedly sourced from within the CIA.

Previous releases have revealed techniques used to weaponize mobile phones, conduct surveillance via Smart TVs and load and execute malware on a target machine.

Source: #Vault7: CIA’s ‘Pandemic’ turns file servers into ‘Patient Zero’ | Galactic Connection

#Vault7 ‘Athena’: CIA’s anti-Windows malware ‘better than bombing things’

The latest in WikiLeaks’ series of #Vault7 leaks was released Friday detailing malware that provides remote beacon and loader capabilities on target computers using several Microsoft Windows operating systems.

via #Vault7 ‘Athena’: CIA’s anti-Windows malware ‘better than bombing things’ — RT – Daily news

“Worst-Ever Recorded” Ransomware Attack Strikes Over 57,000 Users Worldwide, Using NSA-Leaked Tools | Zero Hedge

The ransomware has been identified as WannaCry

* * *

Update 4: According to experts tracking and analyzing the worm and its spread, this could be one of the worst-ever recorded attacks of its kind. The security researcher who tweets and blogs as MalwareTech told The Intercept “I’ve never seen anything like this with ransomware,” and “the last worm of this degree I can remember is Conficker.” Conficker was a notorious Windows worm first spotted in 2008; it went on to infect over nine million computers in nearly 200 countries. As The Intercept details,

Today’s WannaCry attack appears to use an NSA exploit codenamed ETERNALBLUE, a software weapon that would have allowed the spy agency’s hackers to break into any of millions of Windows computers by exploiting a flaw in how certain versions of Windows implemented a network protocol commonly used to share files and to print. Even though Microsoft fixed the ETERNALBLUE vulnerability in a March software update, the safety provided there relied on computer users keeping their systems current with the most recent updates. Clearly, as has always been the case, many people (including in governments) are not installing updates. Before, there would have been some solace in knowing that only enemies of the NSA would have to fear having ETERNALBLUE used against them–but from the moment the agency lost control of its own exploit last summer, there’s been no such assurance.

Today shows exactly what’s at stake when government hackers can’t keep their virtual weapons locked up.

As security researcher Matthew Hickey, who tracked the leaked NSA tools last month, put it, “I am actually surprised that a weaponized malware of this nature didn’t spread sooner.”

Update 3: Microsoft has issued a statement, confirming the status of the vulnerability…

Today our engineers added detection and protection against new malicious software known as Ransom:Win32.WannaCrypt.

In March, we provided a security update which provides additional protections against this potential attack.

Those who are running our free antivirus software and have Windows updates enabled, are protected. We are working with customers to provide additional assistance.

Source: “Worst-Ever Recorded” Ransomware Attack Strikes Over 57,000 Users Worldwide, Using NSA-Leaked Tools | Zero Hedge

WikiLeaks Reveals “Archimedes”: Malware Used To Hack Local Area Networks » The Event Chronicle

By Zero Hedge

In its seventh CIA leak since March 23rd, WikiLeaks has just revealed the user manual of a CIA hacking tool known as ‘Archimedes’ which is purportedly used to attack computers inside a Local Area Network (LAN). The CIA tool works by redirecting a target’s webpage search to a CIA server which serves up a webpage that looks exactly like the original page they were expecting to be served, but which contains malware. It’s only possible to detect the attack by examining the page source. Per WikiLeaks:

Today, May 5th 2017, WikiLeaks publishes “Archimedes”, a tool used by the CIA to attack a computer inside a Local Area Network (LAN), usually used in offices. It allows the re-directing of traffic from the target computer inside the LAN through a computer infected with this malware and controlled by the CIA. This technique is used by the CIA to redirect the target’s computers web browser to an exploitation server while appearing as a normal browsing session.

The document illustrates a type of attack within a “protected environment” as the tool is deployed into an existing local network abusing existing machines to bring targeted computers under control and allowing further exploitation and abuse.

Source: WikiLeaks Reveals “Archimedes”: Malware Used To Hack Local Area Networks » The Event Chronicle

WikiLeaks Reveals CIA Tool ‘Scribbles’ For Document Tracking | Threatpost | The first stop for security news

 

WikiLeaks released details on what it said is a Central Intelligence Agency document tracking program called Scribbles, part of the agency’s effort to keep tabs on documents leaked to whistleblowers and journalists. Scribbles allegedly embeds a web beacon-style tag into watermarks located on Microsoft Word documents that can report document analytics back to the CIA.

WikiLeaks released information Friday about Scribbles as part of its ongoing Vault 7 Dark Matter release that began last month. Also released is what WikiLeaks said is Scribbles’ source code.

A user manual describing Scribbles said the tool can be used to generate batch copies of identical or unique files, each with distinctive watermarks that include a web beacon-like tag. A web beacon (or web bug) is a transparent graphic image that can be used to report back if a document has been opened and the IP address of the computer that requested the image file.

According to WikiLeaks, Scribbles works exclusively with Microsoft Office documents. The tool, according to the user guide, has been “successfully tested” to work with Microsoft Office 2013 (on Windows 8.1 x64) and Office 97-2016 running on Windows 98 and above.

WikiLeaks’ copy of the CIA’s Scribbles user manual says the tool will not work on encrypted or password-protected documents. The CIA also warns that if a document with a Scribbles’ watermark is opened in an alternative document viewing program, such as OpenOffice or LibreOffice, it may result in revealing watermarks and URLs for the user…

Source: WikiLeaks Reveals CIA Tool ‘Scribbles’ For Document Tracking | Threatpost | The first stop for security news

VIDEO: iPhones Are iSpies – Wikileaks “Vault 7” Revelations Continue To Terrify

(Roqayah Chamseddine) Since launching in 2006, Wikileaks has reportedly released over 10 million documents, including controversial disclosures that have helped unravel war crimes, uncover corporate secrets and even brought to light explosive revelations stemming from Hillary Clinton’s most recent presidential run.

via VIDEO: iPhones Are iSpies – Wikileaks “Vault 7” Revelations Continue To Terrify — Stillness in the Storm

Unaccounted Power is Dragging Global Society Into An Orwellian Dystopia

WikiLeaks dropped a bombshell on the U.S. Central Intelligence Agency. Code-named “Vault 7”, the whistleblowing site began releasing the largest publication of confidential documents, that have come from the top secret security network at the Cyber Intelligence Center. Long before the Edward Snowden revelations, Julian Assange noted how “The Internet, our greatest tool of emancipation,…

via Unaccounted Power is Dragging Global Society Into An Orwellian Dystopia — Prepare for Change

Manhunt underway for CIA ‘traitor’ who leaked ‘Vault 7’ to WikiLeaks – report — RT America

The FBI and CIA are investigating hundreds of possible suspects in one of the biggest security breaches in CIA history, CBS News reports. The WikiLeaks “Vault 7” release, which contained thousands of top-secret documents, revealed the agency’s hacking tools.

A joint investigation and manhunt by the Federal Bureau of Investigation and the Central Intelligence Agency into the source of WikiLeaks’ “Vault 7” dump last month has begun, CBS News justice and homeland security correspondent Jeff Pegues reported Wednesday evening.

The release last month brought to light the CIA’s digital arsenal for hacking into computer systems and smart devices such as phones and televisions. Thousands of top-secret classified files that had previously been guarded within a “highly secure section of the intelligence agency,” as CBS News sources described it, were made available to the world for free by WikiLeaks.

The source of the leak, the FBI and CIA reportedly believe, was one of the hundreds of agents or contractors who had physical access to the material, not an outside hacker. That suspicion seems to align with what WikiLeaks said in their press release announcing the Vault 7 release on March 7.

“The archive appears to have been circulated among former US government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive,” the pro-transparency group said.

Unnamed US intelligence sources told Reuters within a day of the release that the CIA had been anticipating it since near the end of 2016.

The FBI and CIA coordinated reviews of the incident and a criminal investigation was opened within a day of the release, the Washington Post reported at the time, based on an unnamed former intelligence official who said to expect “another major mole hunt.”

Former CIA Deputy Director Mike Morell told CBS News less than a week after the release that the leak “has to be an inside job,” as the data was on a CIA top secret network “not connected to any other network.”…

Still working through the publication, but what @Wikileaks has here is genuinely a big deal. Looks authentic.

What makes this look real?
Program & office names, such as the JQJ (IOC) crypt series, are real. Only a cleared insider could know them.

Source: Manhunt underway for CIA ‘traitor’ who leaked ‘Vault 7’ to WikiLeaks – report — RT America

WikiLeaks releases ‘Hive’, latest in #Vault7 series — RT News

WikiLeaks has released ‘Hive’, the fifth installment in a series of leaks exposing alleged CIA hacking techniques known as ‘Vault 7’. The latest batch consists of six documents.

WikiLeaks describes Hive as a “back-end infrastructure malware with a public-facing HTTPS interface,” used to transfer information from machines targeted by the CIA and to allow commands to be communicated in order to execute specific tasks on those machines.

To hide the presence of such malware, WikiLeaks notes that the public HTTPS interface (a protocol for secure communication over a computer network within an encrypted connection) “utilizes unsuspicious-looking cover domains,” meaning those targeted would be unaware of the CIA’s interference.

WikiLeaks notes anti-virus companies and forensic experts have noticed “possible state-actor” malware using similar back-end infrastructure, but were unable to connect the back-end to CIA operations.

The Hive documents released Friday may allow experts to examine this kind of communication between malware implants and backend servers, WikiLeaks says.

The CIA’s Hive project was created by its Embedded Development Branch (EDB). This branch was also responsible for projects detailed in WikiLeaks’ ‘Dark Matter’ leak, revealing the CIA’s attacks on Apple firmware.

A 2015 User Guide reveals the initial release of Hive was in 2010, and describes the software implant as having two primary functions – a beacon and interactive shell. Both are designed to provide an initial foothold to deploy other “full featured tools.”

Source: WikiLeaks releases ‘Hive’, latest in #Vault7 series — RT News

Do you have a Windows Computer? Wikileaks is WARNING all CUSTOMERS with THIS Latest Release — NESARA-NEWS

Today, April 7th 2017, WikiLeaks releases Vault 7 “Grasshopper” — 27 documents from the CIA’s Grasshopper framework, a platform used to build customized malware payloads for Microsoft Windows operating systems. CIA malware re-installs itself every 22 hours by corrupting Windows Update – even if disabled. The documents WikiLeaks publishes today provide insights into the process…

via Do you have a Windows Computer? Wikileaks is WARNING all CUSTOMERS with THIS Latest Release — NESARA- REPUBLIC NOW – GALACTIC NEWS

Susan Rice Unmasks Then Bang Wikileaks Drops Another Log on the Fire! 

By Lisa Haven

Earlier this year it was revealed by Julian Assange, Wikileaks, via their Vault 7 release, that the CIA created a secondary NSA surveillance system—one with less oversight than that of the NSA. It was also discovered that the CIA could implant virtual forensic fingerprints on computers and frame someone for a crime they didn’t commit, through a project known as UMBRAGE. Furthermore, Wikileaks revealed how the CIA could remotely take over the controls on vehicles and cause undetectable assassinations.

A few weeks later Wikileaks placed another nail in the CIA coffin with their release of Dark Matter, a program which proves they are implanting technology in iPhones during their creation. Meaning all the CIA has to do is access the “chip” to hear any and everything you are saying.

Now, as of March 31st, Wikileaks dropped yet another section of the Vault 7 files with their latest release of Marble Framework. Here’s more on this report…

Source: Susan Rice Unmasks Then Bang Wikileaks Drops Another Log on the Fire! | Police State

Vault7: WikiLeaks Reveals ‘Marble’ Tool That Can Frame Russia, China, & More For Cyber Attacks – Collective Evolution

Wikileaks just released another set of documents from Vault 7 that detail the CIA’s secret anti-forensic program, Marble Framework, which allows them to prevent forensic investigators from pinning hacking attacks, viruses, and trojans to the agency. It shows just how protected the CIA is from being held accountable for unethical or illegal actions. According to Wikileaks, the program allows them to direct blame away from the CIA and onto another party by hiding fragments of texts that would allow the author of the malware to be identified…

Source: Vault7: WikiLeaks Reveals ‘Marble’ Tool That Can Frame Russia, China, & More For Cyber Attacks – Collective Evolution

Wikileaks Releases “NightSkies 1.2”: Proof CIA Bugs Your “Factory Fresh” iPhones » The Event Chronicle

The latest leak from WikiLeaks’ Vault 7 is titled “Dark Matter” and claims that the CIA has been bugging “factory fresh” iPhones since at least 2008 through suppliers. The full documents are expected to be released after a 10 a.m. EDT “press briefing” that WikiLeaks promoted on its Twitter.

Here is a live stream of the press briefing with Julian Assange:

And here is the full press release from WikiLeaks:

Today, March 23rd 2017, WikiLeaks releases Vault 7 “Dark Matter”, which contains documentation for several CIA projects that infect Apple Mac Computer firmware (meaning the infection persists even if the operating system is re-installed) developed by the CIA’s Embedded Development Branch (EDB). These documents explain the techniques used by CIA to gain ‘persistence’ on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware.

Among others, these documents reveal the “Sonic Screwdriver” project which, as explained by the CIA, is a “mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting” allowing an attacker to boot its attack software for example from a USB stick “even when a firmware password is enabled”. The CIA’s “Sonic Screwdriver” infector is stored on the modified firmware of an Apple Thunderbolt-to-Ethernet adapter.

“DarkSeaSkies” is “an implant that persists in the EFI firmware of an Apple MacBook Air computer” and consists of “DarkMatter”, “SeaPea” and “NightSkies”, respectively EFI, kernel-space and user-space implants.

Documents on the “Triton” MacOSX malware, its infector “Dark Mallet” and its EFI-persistent version “DerStarke” are also included in this release. While the DerStarke1.4 manual released today dates to 2013, other Vault 7 documents show that as of 2016 the CIA continues to rely on and update these systems and is working on the production of DerStarke2.0.

Also included in this release is the manual for the CIA’s “NightSkies 1.2” a “beacon/loader/implant tool” for the Apple iPhone. Noteworthy is that NightSkies had reached 1.2 by 2008, and is expressly designed to be physically installed onto factory fresh iPhones. i.e. the CIA has been infecting the iPhone supply chain of its targets since at least 2008.

While CIA assets are sometimes used to physically infect systems in the custody of a target it is likely that many CIA physical access attacks have infected the targeted organization’s supply chain including by interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise.

Source: Wikileaks Releases “NightSkies 1.2”: Proof CIA Bugs Your “Factory Fresh” iPhones » The Event Chronicle

WIKILEAKS’ ‘DARK MATTER’ DUMP SHOWS CIA’S IPHONE, MACBOOK HACKS

CIA documents published by WikiLeaks Thursday reveal hacks used by the agency against Apple cellphones and computers.

Dubbed “Dark Matter,” the documents, a new addition to WikiLeaks’ ongoing “Vault 7” dump, detail hacks developed for iPhones and MacBooks as far back as 2008.

“These documents explain the techniques used by CIA to gain ‘persistence’ on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware,” a WikiLeaks press release says.

By targeting the firmware, CIA hackers can remain in control of an infected device even if the target wipes the data and re-installs the operating system.


One such tool, known as “Sonic Screwdriver,” is, according to the CIA, a “mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting…”

By providing a target with a compromised peripheral device such as an Apple Thunderbolt-to-Ethernet adapter, which stores “Sonic Screwdriver” in its firmware, the CIA can gain persistence “even when a firmware password is enabled” on the target computer.

A 2008 document discussing an attack on iPhones, called “NightSkies,” reveals a malicious implant that would be physically installed on a new device. One method of deploying the hack could potentially involve intercepting an iPhone before it reaches a target.

“The tool operates in the background providing upload, download and execution capability on the device,” the document states. “NS is installed via physical access to the device and will wait for user activity before beaconing.”…

via WikiLeaks’ ‘Dark Matter’ Dump Shows CIA Hacks Against iPhones, MacBooks — Infowars

iSpy: Wikileaks New CIA “Dark Matter” #Vault7 Release Shows Agency Infected Apple

 

(Cheryl Yurkowski) Wikileaks has released CIA Vault7 “Dark Matter,” and the newest leak contains several documents of CIA projects that infect Apple Mac computer firmware. Developed by the CIA’s Embedded Development Branch (EDB), these documents explain the techniques used by the CIA to gain ‘persistence’ on Apple Mac devices and iPhones. This means that the infection…

via iSpy: Wikileaks New CIA “Dark Matter” #Vault7 Release Shows Agency Infected Apple — Stillness in the Storm

Top 15 Discoveries & Implications of Wikileaks CIA Vault 7 – So Far » The Event Chronicle

Vault 7 is the name given to the latest and biggest leak in both Wikileaks and CIA history. Learn the top 15 discoveries & implications so far.

By Makia Freeman

Vault 7 has been the subject of a curious and cryptic set of tweets from Wikileaks over the course of the past month or so. Now we know why. In bombshell news, in the greatest leak in Wikileaks history, in the greatest leak in CIA history, a total of 8,761 documents has been released in a series that has been dubbed Vault 7. Even for seasoned conspiracy researchers, the documents are fascinating and horrible at the same time. It confirms the suspicions and knowledge of many investigators. Now we have the proof to substantiate our hunches and intuition. The CIA has been caught with its pants down: spying on its citizens, bypassing encryption to steal their messages, hacking into their electronic devices to listen on their conversations, using US consulates abroad to conduct spying operations, remotely hacking into vehicles (to perform undetectable assassinations) and much more.

Some will be shocked, but really, let’s remember the true nature and purpose of the CIA: a rogue agency that overthrows foreign leaders, installs puppet regimes, imports drugs, runs guns and assassinates anyone who gets in the way of its agenda, including US presidents. Wikileaks has stated that it has only released less than 1% of its Vault 7 series, so this is literally the tip of the iceberg. Imagine what else is to come …

Here are the top 15 discoveries and implications of Vault 7 so far:

Vault 7 Discovery/Implication #1: CIA = Virus & Malware Factory

The CIA is not just a rogue agency that runs illegal drugs and weapons, assassinates people, starts wars and conducts regime change. It has also spent untold millions or even billions of dollars developing what is probably the most sophisticated cyber warfare/hacking/spying department on the planet, equalling or even surpassing that of the NSA. Wikileaks reveals that the CIA has its own “hacking division” that is run by its CCI (Center for Cyber Intelligence) which by the end of 2016…

Source: Top 15 Discoveries & Implications of Wikileaks CIA Vault 7 – So Far » The Event Chronicle

Anonymous – This Is going to Change Everything We Know… (CIA Secrets Exposed 2017)

Published on Mar 11, 2017

The “full wrath” of the United States Central Intelligence Agency (CIA) will soon descend upon all of America after the deadliest secret lies of this “Deep State” spy agency currently at war with President Donald Trump, have now been exposed for the entire world to see, and whose next “false flag” terror attack to cover up their crimes may come as soon as this coming week… Full Transcript: http://pastebin.com/raw/qxeW67wU

Vault 7: CIA Hacking Tools Revealed: https://wikileaks.org/ciav7p1

We are Anonymous.
We are Legion.
We do not forgive.
We do not forget.
Expect us.

Share this video:
https://youtu.be/3RMscOm2zXM

Original video credit:
https://www.youtube.com/channel/UC065…

Source: Anonymous – This Is going to Change Everything We Know… (CIA Secrets Exposed 2017) | EU

FULL ARTICLE Benjamin Fulford 3-13-17… “World Freemasons gather in Tokyo to select new leader and golden age dawns”
