"CIA created a code impersonating Kaspersky," WikiLeaks announces a new document "Vault 8"

byLudovic Toinel

WikiLeaks has released the source code of the CIA hacking tool called "Hive". The published code shows that the CIA was stolen information secretly from the target by disguised as Kaspersky anti-virus software of a security-related company.

WikiLeaks - Releases

iTWire - CIA created code to impersonate Kaspersky Lab: WikiLeaks

This source code is a confidential document on CIA's top secret operationsVault 7"The first series of the new series" Vault 8 "following the WikiLeaks founderJulian AssangiHe says.

According to the released source code, the tool developed and used by the CIA impersonates Russian-based security-related company "Kaspersky" as antivirus software. By issuing fake Kaspersky certification, it becomes possible to extract information secretly from the target computer. Kaspersky anti-virus software, in October 2017 "A Russian hacker steals NSA confidential information using Kaspersky antivirus softwareSince it was reported that it is being used, it is forbidden to use in the US government agencies.

Russian hacker knocked out NSA's confidential information using Kaspersky antivirus software - GIGAZINE

Kaspersky's founder Eugene Kaspersky said on Twitter "I looked up the Vault 8 report and confirmed the fake certificate where our name is used.Our customer and private key, service is safe There is no effect. "

WikiLeaks is a release of Vault 8 "This publication will help journalists investigating, court experts, and the general public to recognize and understand the foundations and components of the CIA." "Hive is CIA's It solves important problems of malware operators, no matter how sophisticated malware can be ported to the target computer, it is meaningless unless it can communicate with operators in a safe way that is unaware of the target That's why.

When WikiLeaks was announced about CIA's hacking tool "Vault 7" in March 2017, the code was not released. Instead, WikiLeaks used a way to contact companies that may be hacked about outstanding bugs and vulnerabilities.

WikiLeaks releases a confidential document "Vault 7" that reveals the actual state of CIA's secret intelligence operations such as "to hack and car assault cars" and "record a conversation in a room on the TV" - GIGAZINE

However, in the above method, WikiLeaks requested "not to share information", so at least it was not possible to carry out successfully at first. Ultimately, we announced that several companies including Cisco have responded to the vulnerability.

Jake William, who used to work as a hacker of NSA once, seems to be able to use code by malicious hacker, but the code published on November 9 is " Help scientific experts to CIARefactoringIt does not make it possible for cyber attack, it does not seem to be dangerous "for coming. However, it seems that the code of other tools described in Vault 7 may be abused if it is published. In this regard, WikiLeaks explains that "the material released as part of Vault 8 does not contain vulnerabilities that others can use for other purposes."

in Software,   Security, Posted by darkhorse_log