Vault 7 Watch: Wikileaks discloses CIA’s tools to disguise their hacks as Russian, Chinese, Arabic…

ZeroHedge reported today that Wikileaks has released another batch of Vault 7 documents that show how the CIA disguises its hacks with code fragments in foreign languages. Wikileaks describes the tools in its press release this way:

The source code shows that Marble has test examples not just in English but also in Chinese, Russian, Korean, Arabic and Farsi. This would permit a forensic attribution double game, for example by pretending that the spoken language of the malware creator was not American English, but Chinese, but then showing attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion, — but there are other possibilities, such as hiding fake error messages.


Marble 1.0 began in 2015, and was being used in 2016.

Marble was one among many sets of tools designed to keep a forensic analyst from tying a hacking attempt to the CIA:

Marble forms part of the CIA’s anti-forensics approach and the CIA’s Core Library of malware code. It is “[D]esigned to allow for flexible and easy-to-use obfuscation” as “string obfuscation algorithms (especially those that are unique) are often used to link malware to a specific developer or development shop.”

Wikileaks has become quite expert at building its disclosures to an exciting climax, the latest example being its release of John Podesta’s e-mails. Thus far, Wikileaks has stayed true to form.

The natural question that the Vault 7 documents have raised is this: how likely is it that a person or a group of people in the CIA, in an official or unofficial capacity, were the ones responsible for providing the Podesta emails to Wikileaks?

Each release has been heightening the significance of that question. Only time will tell whether we will receive an answer to it.


The post Vault 7 Watch: Wikileaks discloses CIA’s tools to disguise their hacks as Russian, Chinese, Arabic… appeared first on A Simple Fool.
