By Zero Hedge
In its seventh CIA leak since March 23rd, WikiLeaks has just revealed the user manual of a CIA hacking tool known as ‘Archimedes’ which is purportedly used to attack computers inside a Local Area Network (LAN). The CIA tool works by redirecting a target’s webpage search to a CIA server which serves up a webpage that looks exactly like the original page they were expecting to be served, but which contains malware. It’s only possible to detect the attack by examining the page source. Per WikiLeaks:
Today, May 5th 2017, WikiLeaks publishes “Archimedes”, a tool used by the CIA to attack a computer inside a Local Area Network (LAN), usually used in offices. It allows the re-directing of traffic from the target computer inside the LAN through a computer infected with this malware and controlled by the CIA. This technique is used by the CIA to redirect the target’s computers web browser to an exploitation server while appearing as a normal browsing session.
The document illustrates a type of attack within a “protected environment” as the tool is deployed into an existing local network abusing existing machines to bring targeted computers under control and allowing further exploitation and abuse.
Source: WikiLeaks Reveals “Archimedes”: Malware Used To Hack Local Area Networks » The Event Chronicle
WikiLeaks released details on what it said is a Central Intelligence Agency document tracking program called Scribbles, part of the agency’s effort to keep tabs on documents leaked to whistleblowers and journalists. Scribbles allegedly embeds a web beacon-style tag into watermarks located on Microsoft Word documents that can report document analytics back to the CIA.
WikiLeaks released information Friday about Scribbles as part of its ongoing Vault 7 Dark Matter release that began last month. Also released is what WikiLeaks said is Scribbles’ source code.
A user manual describing Scribbles said the tool can be used to generate batch copies of identical or unique files, each with distinctive watermarks that include a web beacon-like tag. A web beacon (or web bug) is a transparent graphic image that can be used to report back if a document has been opened and the IP address of the computer that requested the image file.
According to WikiLeaks, Scribbles works exclusively with Microsoft Office documents. The tool, according to the user guide, has been “successfully tested” to work with Microsoft Office 2013 (on Windows 8.1 x64) and Office 97-2016 running on Windows 98 and above.
WikiLeaks’ copy of the CIA’s Scribbles user manual says the tool will not work on encrypted or password-protected documents. The CIA also warns that if a document with a Scribbles watermark is opened in an alternative document viewing program, such as OpenOffice or LibreOffice, it may result in revealing watermarks and URLs for the user…
Source: WikiLeaks Reveals CIA Tool ‘Scribbles’ For Document Tracking | Threatpost | The first stop for security news
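A defender's check for the web-beacon mechanism described in the excerpt above, as an added example that is not taken from the article, WikiLeaks or the Scribbles manual: it lists the remote resources an Office Open XML (`.docx`) file links to, since a linked image can be requested from its server when the file is opened. It assumes the modern zipped `.docx` format only (not legacy `.doc`), and the sample package and its `tracker.example.invalid` URL are constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET
REL = "{http://schemas.openxmlformats.org/package/2006/relationships}Relationship"
OFFICE = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/"

def external_targets(docx_bytes):
    """List (part, relationship kind, target) for every external relationship."""
    found = []
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as zf:
        for name in zf.namelist():
            if not name.endswith(".rels"):
                continue
            data = zf.read(name)
            if b"<!DOCTYPE" in data:  # OOXML parts carry no DTD; flag it, do not parse
                found.append((name, "doctype", ""))
                continue
            for rel in ET.fromstring(data).iter(REL):
                if rel.get("TargetMode") == "External":
                    kind = rel.get("Type", "").rsplit("/", 1)[-1]
                    found.append((name, kind, rel.get("Target", "")))
    return sorted(found)

def loads_without_click(targets):
    """Drop hyperlinks (need a click); keep remote resources an editor may fetch on open."""
    remote = ("http://", "https://", "\\\\")
    return [t for t in targets if t[1] != "hyperlink" and t[2].lower().startswith(remote)]

def build_sample():
    """Constructed .docx-like package: a linked header image plus an ordinary hyperlink."""
    def rels(*items):
        body = "".join(
            f'<Relationship Id="rId{i}" Type="{OFFICE}{kind}" Target="{target}"{mode}/>'
            for i, (kind, target, mode) in enumerate(items, 1))
        return ('<Relationships xmlns="http://schemas.openxmlformats.org/'
                f'package/2006/relationships">{body}</Relationships>')
    ext = ' TargetMode="External"'
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/_rels/header1.xml.rels", rels(
            ("image", "https://tracker.example.invalid/wm.png?id=constructed-0001", ext)))
        zf.writestr("word/_rels/document.xml.rels", rels(
            ("image", "media/image1.png", ""),
            ("hyperlink", "https://example.com/", ext)))
    return buf.getvalue()

if __name__ == "__main__":
    for part, kind, target in loads_without_click(external_targets(build_sample())):
        print(f"{part}: {kind} -> {target}")
```

Run against documents of unknown origin before opening them in an office suite; a per-copy identifier in the target URL, as in the constructed sample, is what lets a server tell one recipient's copy from another.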
(Roqayah Chamseddine) Since launching in 2006, Wikileaks has reportedly released over 10 million documents, including controversial disclosures that have helped unravel war crimes, uncover corporate secrets and even brought to light explosive revelations stemming from Hillary Clinton’s most recent presidential run.
via VIDEO: iPhones Are iSpies – Wikileaks “Vault 7” Revelations Continue To Terrify — Stillness in the Storm
WikiLeaks dropped a bombshell on the U.S. Central Intelligence Agency. Code-named “Vault 7”, the whistleblowing site began releasing the largest publication of confidential documents, that have come from the top secret security network at the Cyber Intelligence Center. Long before the Edward Snowden revelations, Julian Assange noted how “The Internet, our greatest tool of emancipation,…
via Unaccounted Power is Dragging Global Society Into An Orwellian Dystopia — Prepare for Change
The FBI and CIA are investigating hundreds of possible suspects in one of the biggest security breaches in CIA history, CBS News reports. The WikiLeaks “Vault 7” release, which contained thousands of top-secret documents, revealed the agency’s hacking tools.
A joint investigation and manhunt by the Federal Bureau of Investigation and the Central Intelligence Agency into the source of WikiLeaks’ “Vault 7” dump last month has begun, CBS News justice and homeland security correspondent Jeff Pegues reported Wednesday evening.
The release last month brought to light the CIA’s digital arsenal for hacking into computer systems and smart devices such as phones and televisions. Thousands of top-secret classified files that had previously been guarded within a “highly secure section of the intelligence agency,” as CBS News sources described it, were made available to the world for free by WikiLeaks.
The source of the leak, the FBI and CIA reportedly believe, was one of the hundreds of agents or contractors who had physical access to the material, not an outside hacker. That suspicion seems to align with what WikiLeaks said in their press release announcing the Vault 7 release on March 7.
“The archive appears to have been circulated among former US government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive,” the pro-transparency group said.
Unnamed US intelligence sources told Reuters within a day of the release that the CIA had been anticipating it since near the end of 2016.
The FBI and CIA coordinated reviews of the incident and a criminal investigation was opened within a day of the release, the Washington Post reported at the time, based on an unnamed former intelligence official who said to expect “another major mole hunt.”
Former CIA Deputy Director Mike Morell told CBS News less than a week after the release that the leak “has to be an inside job,” as the data was on a CIA top secret network “not connected to any other network.”…
Source: Manhunt underway for CIA ‘traitor’ who leaked ‘Vault 7’ to WikiLeaks – report — RT America
WikiLeaks has released ‘Hive’, the fifth installment in a series of leaks exposing alleged CIA hacking techniques known as ‘Vault 7’. The latest batch consists of six documents.
WikiLeaks describes Hive as a “back-end infrastructure malware with a public-facing HTTPS interface,” used to transfer information from machines targeted by the CIA and to allow commands to be communicated in order to execute specific tasks on those machines.
To hide the presence of such malware, WikiLeaks notes that the public HTTPS interface (a protocol for secure communication over a computer network within an encrypted connection) “utilizes unsuspicious-looking cover domains,” meaning those targeted would be unaware of the CIA’s interference.
WikiLeaks notes anti-virus companies and forensic experts have noticed “possible state-actor” malware using similar back-end infrastructure, but were unable to connect the back-end to CIA operations.
The Hive documents released Friday may allow experts to examine this kind of communication between malware implants and backend servers, WikiLeaks says.
The CIA’s Hive project was created by its Embedded Development Branch (EDB). This branch was also responsible for projects detailed in WikiLeaks’ ‘Dark Matter’ leak, revealing the CIA’s attacks on Apple firmware.
A 2015 User Guide reveals the initial release of Hive was in 2010, and describes the software implant as having two primary functions – a beacon and interactive shell. Both are designed to provide an initial foothold to deploy other “full featured tools.”
Source: WikiLeaks releases ‘Hive’, latest in #Vault7 series — RT News
Today, April 7th 2017, WikiLeaks releases Vault 7 “Grasshopper” — 27 documents from the CIA’s Grasshopper framework, a platform used to build customized malware payloads for Microsoft Windows operating systems. CIA malware re-installs itself every 22 hours by corrupting Windows Update – even if disabled. The documents WikiLeaks publishes today provide insights into the process…
via Do you have a Windows Computer? Wikileaks is WARNING all CUSTOMERS with THIS Latest Release — NESARA- REPUBLIC NOW – GALACTIC NEWS