WikiLeaks released the source code for Hive on Thursday, a CIA (Central Intelligence Agency) implant used to transfer exfiltrated information from target Windows machines. The technical details of Hive were first published on April 14th, 2017 in the Vault 7 series of documents.
The Vault 7 series was aimed at detailing the activities and hacking capabilities the CIA uses to carry out electronic surveillance and cyber warfare. During the series, WikiLeaks published technical details on 23 tools that were purportedly used by the agency to hack smart TVs, cars, web browsers, operating systems (including Windows, Mac, and Linux), smartphone operating systems (including Android and iOS), VLC player, webcams, and microphones.
The latest release, however, was published under the code name Vault 8. The Vault 8 series will disclose only the source code of previously leaked implants.
“This publication will enable investigative journalists, forensic experts, and the general public to better identify and understand covert CIA infrastructure components,” WikiLeaks stated. “Hive solves a critical problem for the malware operators at the CIA. Even the most sophisticated malware implant on a target computer is useless if there is no way for it to communicate with its operators in a secure manner that does not draw attention,” explained the official press release.
Hive works as a communication tool between malware and “cover domains.” These domains appear harmless and “perfectly-boring-looking” to visitors; however, traffic from implants communicating with these domains is sent to an implant operator management gateway called Honeycomb. The collected data is then delivered back to the CIA.
According to WikiLeaks, the CIA used fake certificates to impersonate existing entities, including Kaspersky Lab.
“The three examples included in the source code build a fake certificate for the anti-virus company Kaspersky Laboratory, Moscow pretending to be signed by Thawte Premium Server CA, Cape Town. In this way, if the target organization looks at the network traffic coming out of its network, it is likely to misattribute the CIA exfiltration of data to uninvolved entities whose identities have been impersonated,” said WikiLeaks.
— WikiLeaks (@wikileaks) November 9, 2017
Keep in mind, the US government has banned Kaspersky Lab for its supposed links with Russia. Nevertheless, after the release of Hive’s source code, it’s not clear whether the CIA only impersonated Kaspersky Lab or also hacked its systems to frame the cybersecurity giant and bring Russia under fire.
Furthermore, Israel played a vital role in hacking Kaspersky Lab. In October this year, it was reported that in 2015 Israeli spies managed to gain access to Kaspersky’s backend systems and identified that Russian hackers were quietly using the software both as a universal search engine and a spying tool.