Tag Archives: Vault 7

Vault 7: WikiLeaks exposes CIA “missile control system”

Source: Fossbytes [India]

“We have been seeing Wikileaks dropping CIA-related secret projects almost every weekend. But, this is for the first time that a leak hasn’t exposed any malware used to exploit bugs or perform surveillance. Project Protego is the part of the latest set of secret documents released by Wikileaks. The website says Protego is actually a missile control system installed on a Pratt & Whitney aircraft (PWA). It can be used to command the on-board missile launch system and perform air-to-air and air-to-ground operations.” (09/07/17)

https://fossbytes.com/protego-cia-missile-control-system-wikileaks-vault-7/

WikiLeaks Vault 7: The CIA built a fake software update system to spy on intel partners

The Verge

Source: The Verge

“Anyone relying on the CIA for tech support got a nasty surprise this morning, as documents published by Wikileaks revealed a secret project to siphon out data through its technical liaison service, dating back to 2009. The program, called ExpressLane, is designed to be deployed alongside a biometric collection system that the CIA provides to partner agencies. In theory, those partners are agreeing to provide the CIA with access to specific biometric data — but on the off-chance those partners are holding out on them, ExpressLane gives the agency a way to take it without anyone knowing. … WikiLeaks claims the program was primarily used against US agencies like the FBI and Department of Homeland Security, although the targets are far less clear from the documents themselves.” (08/24/17)

https://www.theverge.com/2017/8/24/16197694/cia-fake-software-update-hacking-wikileaks-vault-7

Vault 7: Wikileaks releases guide to CIA’s “CouchPotato” tool

Source: Wikileaks

“Today, August 10th 2017, WikiLeaks publishes the the User Guide for the CoachPotato project of the CIA. CouchPotato is a remote tool for collection against RTSP/H.264 video streams. It provides the ability to collect either the stream as a video file (AVI) or capture still images (JPG) of frames from the stream that are of significant change from a previously captured frame.” (08/10/17)

https://wikileaks.org/vault7/#CouchPotato

Dumbo: WikiLeaks reveals CIA system to take over webcams, microphones

Source: Russia Today [Russian state media]

“Details of the CIA’s Dumbo project, a system that manipulates devices such as webcams and microphones on Microsoft Windows-operating systems, have been published by WikiLeaks. The program also corrupts video recordings, according to the leaked documents. The whistleblowing organization released the files as part of its Vault 7 series on the CIA’s hacking capabilities.” (08/03/17)

https://www.rt.com/viral/398411-cia-wikileaks-webcam-surveillance/

Vault 7: New WikiLeaks dump details Android SMS snooping malware

Source: Naked Security

“Since launching its Vault 7 project in March, WikiLeaks has dumped documents outlining the CIA’s efforts to exploit Microsoft and Apple technology. In this week’s latest release, it focuses on malware called HighRise, which the agency used to target Android devices. WikiLeaks describes HighRise this way on its website: ‘HighRise is an Android application designed for mobile devices running Android 4.0 to 4.3. It provides a redirector function for SMS messaging that could be used by a number of IOC tools that use SMS messages for communication between implants and listening posts.'” (07/14/17)

https://nakedsecurity.sophos.com/2017/07/14/vault-7-new-wikileaks-dump-details-android-sms-snooping-malware/

Vault 7: WikiLeaks dump reveals how the CIA can track your exact location

Source: Wired

“How many people specifically know where you are right now? Some friends and family? Your coworkers, maybe? If you’re using a Windows laptop or PC you could add another group to the list: the CIA. New documents released on Wednesday as part of WikiLeaks’ series of CIA hacking revelations detail a method the agency uses to geolocate computers and the people using them. The agency infects target devices with malware that can then check which public Wi-Fi networks a given computer can connect to at a given moment, as well as the signal strengths of those networks. From there, the malware compares the list of available Wi-Fi options to databases of public Wi-Fi networks to figure out roughly where the device is. The leaked documents detailing the project, which is known as ELSA, date back to 2013, and specifically address laptops and PCs running Windows 7. But experts say that the technique is straightforward enough that the CIA could have a version of it for every Windows release.” (06/29/17)

http://www.wired.co.uk/article/wikileaks-cia-tracking

WikiLeaks reveals CIA tool for spreading malware in latest Vault 7 release

Source: Ars Technica

“WikiLeaks just published details of a purported CIA operation that turns Windows file servers into covert attack machines that surreptitiously infect computers of interest inside a targeted network. ‘Pandemic,’ as the implant is codenamed, turns file servers into a secret carrier of whatever malware CIA operatives want to install, according to documents published Thursday by WikiLeaks. When targeted computers attempt to access a file on the compromised server, Pandemic uses a clever bait-and-switch tactic to surreptitiously deliver malicious version of the requested file. The Trojan is then executed by the targeted computers.” (06/01/17)

https://arstechnica.com/security/2017/06/wikileaks-says-cias-pandemic-implant-turns-servers-into-malware-carriers/

Fresh WikiLeaks dump shows CIA was hacking iPhones a year after launch

Source: Forbes

“A new Wikileaks release called DarkMatter was released today, affirming that the Central Intelligence Agency has long targeted Apple Macs, creating malware designed to evade the tech giant’s security mechanisms. The leak also revealed the CIA had been targeting the iPhone since 2008, a year after the landmark device was released. That slice of info was included in a small dump of information Wednesday, that included manuals for a handful of implants and rootkits — malware that can hide at the lowest level of Apple systems, the kernel and the firmware of the device. … As of this week, after some delay, Wikileaks was in touch with Apple, Google, Microsoft and other tech companies about the leaks, the aim being to help them release patches. But as reported by Vice Motherboard, Wikileaks issued a list of demands before handing over information, such as a promise to fix the bugs within 90 days.” (03/23/17)

https://www.forbes.com/sites/thomasbrewster/2017/03/23/wikileaks-cia-apple-mac-iphone-hacking/#658634a91e3b

Is the Vault 7 source a whistleblower?

Source: Antiwar.com
by Jesselyn Radack

“The FBI has already begun hunting down the source as part of a criminal leak investigation. Historically, the criminal justice system has been a particularly inept judge of who is a whistleblower. Moreover, it has allowed the use of the pernicious Espionage Act — an arcane law meant to go after spies — to go after whistleblowers who reveal information the public interest. My client, former NSA senior official Thomas Drake, was prosecuted under the Espionage Act, only to later be widely recognized as a whistleblower. There is no public interest defense to Espionage Act charges, and courts have ruled that a whistleblower’s motive, however salutary, is irrelevant to determining guilt. The Intelligence Community is an equally bad judge of who is a whistleblower, and has a vested interest in giving no positive reinforcement to those who air its dirty laundry.” (03/15/17)

http://original.antiwar.com/jesselyn_radack/2017/03/14/is-the-vault-7-source-a-whistleblower/

Government officials: Contractors were probably the heroes who helped WikiLeaks expose CIA’s surveillance horror show

Source: Time

“Contractors likely breached security and handed over documents describing the Central Intelligence Agency’s use of hacking tools to anti-secrecy group WikiLeaks, U.S. intelligence and law enforcement officials told Reuters on Wednesday. Two officials speaking on condition of anonymity said intelligence agencies have been aware since the end of last year of the breach, which led to WikiLeaks releasing thousands of pages of information on its website on Tuesday.” (03/09/17)

http://time.com/4696405/wikileaks-cia-contractors-documents-source/