WikiLeaks Vault 8 Part 1: CIA Wrote Code To Impersonate Russian Anti-Virus Company Kaspersky

WikiLeaks has released part 1 of its new Vault 8 series following its popular and widely distributed Vault 7 series which exposed CIA spyware and malware capabilities.

The new release “will enable investigative journalists, forensic experts, and the general public to better identify and understand covert CIA infrastructure components,” the international whistleblower coalition wrote.

The CIA’s master virus control system, known as “Hive,” was previously exposed by WikiLeaks last April.

“Described as a multi-platform malware suite, Hive provides “customisable implants” for Windows, Solaris, MikroTik (software used in Internet routers), Linux OS, and AVTech Network Video Recorders, used for CCTV recording.

A 2015 user guide for the malware suite reveals the initial release of Hive was in 2010. The guide goes on to describe the software as having two primary functions – a beacon and interactive shell. Both are designed to provide a starting point for CIA cyber agents to deploy other tools that have been included in the WikiLeaks Vault 7 series release.

The implants communicate via HTTPS with the web server using a cover domain. Each cover domain is connected to an IP address that is hooked into a Virtual Private Server (VPS) provider. This forwards all incoming traffic to a ‘Blot’ server.

The redirected traffic is then examined to see if it contains a valid beacon. If it does, it’s sent to a tool handler, called a “Honeycomb.”

The CIA can then choose to initiate other actions on the targeted computer.

The user guide further details the commands that are available, including uploading and deleting files and executing applications on the computer.

“Source code published in this series contains software designed to run on servers controlled by the CIA. Like WikiLeaks’ earlier Vault7 series,” WikiLeaks wrote in a press release for the new Vault 8 series.

The release of Hive was followed by wide-scale blowback against the CIA when security firm Symantec linked the agency and a hacking group, Longhorn, to 40 targets in 16 countries, with many more expected to come. Longhorn has been active since at least 2011, according to Symantec, infiltrating targets in the financial, telecom, aerospace and natural resources industries. It has the markings of an intelligence-backed state attacker.

“The tools used by Longhorn closely follow development timelines and technical specifications laid out in documents disclosed by WikiLeaks,” a Symantec statement said.

The Longhorn group shares some of the same cryptographic protocols specified in the Vault 7 documents, in addition to following leaked guidelines on tactics to avoid detection. Given the close similarities between the tools and techniques, there can be little doubt that Longhorn’s activities and the Vault 7 documents are the work of the same group.

The latest leak is the CIA’s master infrastructure source code and logs for that malware control system, created by its Embedded Development Branch (EDB), and expands on the use of obfuscated, spoofed tools to implicate another party in a cyber attack.

In March, WikiLeaks also released 676 files code-named ‘Marble’, which detailed CIA hacking techniques and how they can misdirect forensic investigators from attributing viruses, trojans and worms to their agency by using the source code of other languages as a scapegoat – in other words, false flag cyber attacks.

This latest release exposes that the CIA wrote code “to impersonate Russia’s Kaspersky Lab anti-virus company.”

“If the target organization looks at the network traffic coming out of its network, it is likely to misattribute the CIA exfiltration of data to uninvolved entities whose identities have been impersonated,” WikiLeaks said in a statement.

In July, the U.S. Department of Homeland Security (DHS) ordered all government agencies to stop using Kaspersky-related security products and remove them from computers, citing “information security risks presented by the use of Kaspersky products on federal information systems.”

It’s worth noting that Kaspersky was named in the infamous Trump dossier compiled by Fusion GPS at the behest of former spook Christopher Steele. That same firm was coincidentally connected to Russian lawyer Natalia Veselnitskaya, who set up a meeting with U.S. President Donald Trump’s son, Donald Trump Jr., through Rob Goldstone, a music publicist and personal friend of Trump Jr.

Then there is the fact that Hillary Clinton herself approved the dossier and helped fund it along with the DNC and RNC, according to journalist Edward Klein.

“Hillary approved Podesta’s decision to pay for the dossier by funneling campaign funds through Marc Elias,” the strategist said, referring to the lawyer who represented both the Clinton campaign and the Democratic National Committee.

“The dossier was delivered to the Clinton campaign by the opposition research firm Fusion GPS in the summer of 2016, and Hillary read it and was thrilled by its salacious content,” the strategist continued.

She bragged about it so openly that many of the people in her Brooklyn campaign headquarters were aware of the existence of the dossier. Hillary referred to it as her ‘secret weapon’ that would ‘blow Trump out of the water.’

Former DNC interim head, Donna Brazile, even stated on The View that she knew about the dossier before the presidential election. “I asked one question on November 4th and I was told that I did not need to know and so no, I did not know,” Brazile said.

Are all the propaganda and setups meant to paint U.S. President Donald Trump as colluding with Russia finally falling apart? WikiLeaks seems to be playing a major part in the destruction of that narrative, which appears to have heavy CIA involvement, since the effort is so sophisticated and vast that it indicates a potential clandestine operation. At some point, people have to start questioning the breadth of coincidences and realize, as President Franklin Delano Roosevelt once said, “In politics, there are no accidents” (None Dare Call It Conspiracy, by Gary Allen and Larry Abraham).

Aaron Kesel writes for Activist Post.

Delivered by The Daily Sheeple

Contributed by Aaron Kesel of www.activistpost.com.

  • Paul

    I was on another site earlier, where they give preference to self up voting cheaters and trolls… I don’t know what advantage that gives that site… I don’t know how that helps them… The outcome is they target and delete real accounts posting real comments….

    • Rey d’Tutto

      They want the illusion of agreement. Makes some folks think “well, if everybody thinks this…”
      Same b.s. as social networking.

    • Hillary_2020

      Figured it was time to dust off this old girl. Keep my ling out of trouble lol.

      • Paul

        You may as well…. I have been thinking ideas for my account day…

        • Hillary_2020

          Like I said on the other side, I wouldn’t change a thing. At least try it and see what happens.

          • Paul

            If it doesn’t work, I will seek out an app that changes the ip address to something different or unknown….

          • Hillary_2020

            That’ll work…

          • Paul

            I think the best thing is to hit the TraitorSlayer account that he really is a far left communist shill, and ignore his diversion, Traitor-Slayer account… All he does anyway is run a script of cookie cutter, pre written posts that go 10 fake replies… He proves he is a far left communist, because he always wants a totalitarian government… The rest of them prove what they are also, by their calling and wishing for a totalitarian government…

          • Hillary_2020

            Got to be careful with old Breitbart though.

          • Hillary_2020

            They’re pretty ban happy… Might want to make that hyphenated account for that one…

          • Hillary_2020

            I strongly suspect I would get banned for my avatar eventually lol.

          • Hillary_2020

            When I saw that featured comment crap, I knew things were going to change fundamentally. Who knows, maybe “guest” is Alex’s retarded nephew and Alex is protecting him lol. Whatever it is it’s a very bad day for freedom of speech.

          • Paul

            guest does claim that he resides in Dallas…. He could live 50 miles outside of Dallas towards Austin…. I was thinking too that they hire volunteer form moderators who work from home… Other comment sections have done that… It sounds like something infowars would do, get guest (or a guest fan) to be a volunteer form moderator… The outcome of that would be obvious…
            Look how infowars will whine, complain and squawk when they get slightly censored on facebook, YouTube, google, twitter etc…. I don’t feel sorry for them…
            I wonder what their staff and reporters get paid, probably minimum wage or under the table wages or just get volunteers… Owen and Millie look like they are ” will work cheap” reporters…

          • Hillary_2020

            Owen for sure. Millie I’ll give the benefit of the doubt just because of that wonderful rack… But yeah I totally agree with you. Way too many Texas accounts willing to work in exchange for spamming rights on that site. But it’s more than that. Things really started changing with that featured comment crap.

          • Paul

            Maybe the featured comment idea is to further protect and give a certified platform for self up voting trolls like guest….

          • Hillary_2020

            That was my very first thought the moment I saw that. That told me they were watching shit a lot closer…

          • Paul

            They are propping people up who never order the products… It would only be the real accounts who would order the products… Maybe infowars is counting on government subsidies to operate now….

          • Hillary_2020

            It’s hard to understand his logic…

          • Paul

            If google, facebook, twitter, you tube etc. bans infowars, I won’t feel sorry for them… Infowars is probably secretly brown nosing with Facebook etc, not to be banned….

          • Hillary_2020

            I wouldn’t be surprised…

          • Paul

            Notice how Alex was all elated and in a crush butterfly zone, in the presence of Lee Ann McAdoo… She must have decided that she didn’t want him, maybe she even played him at one time for a bunch of money or loans… She located herself at a distance, probably to give the message she doesn’t want him or it’s just too awkward to be around…
            She missed the boat and should have been a centerfold…

          • Hillary_2020

            The next great scandal lol?

          • Paul

            Lee Ann has a Black guy boyfriend, from the research I have done…
            Joe Biggs must have found a bigger better thing, when he left infowars….
            Lee Ann had an audience and somehow missed the boat… Probably suppressed because she didn’t want Alex…

          • Hillary_2020

            Most likely the reason Alex ran her off…

        • Hillary_2020

          And just use a different email company like instead of Gmail use Outlook.

          • Paul

            I will give it a try….

          • Hillary_2020

            Good luck. Let me know how it works…

          • Paul

            I was on a comment site years ago… I would get deleted every few months and would make a new profile… I found back then, not to put the new profile on too quick because it would get deleted right away, probably by the same prejudice form moderator watching for it… Back then, I figured out a way to make a profile and not involve any e mail address, but one that was forgot to be verified, that worked the best…
            I would get deleted for exposing corruption, exposing scams and telling the truth… Comment sections like what you say, the preach to the choir type posts, not wake the choir up posts…..

          • Hillary_2020

            Whatever works for you… I remember reading another comment from an unfamiliar account way last summer. He said that he had been banned twice and each time he immediately re upped with no problems. Same avatar and moniker… He just said he toned it down a little bit each time…

          • Paul

            I did a test run with a new account with a different e mail address, they banned my accounts by IP address… They must have had extra hurt feelings to ban the IP address…

          • Hillary_2020

            Must be because of the new censorship mentality they have on that site now, scary stuff.

          • Paul

            It is a fact that if an account goes on and calls some celebrity, or politician that infowars doesn’t like, any name or claim of action, it is fine and goes with their disqus rules…
            If someone were to post, they like the pope, they would probably be trolled and banned…
            I was just looking in the infowars comment section… almost every third post is someone posting pedophile claims… Weird, redundant same posts all the time….

          • Hillary_2020

            Herpes and guest are definitely pedo obsessed. That’s the paid spamming trolls go to attack line.

          • Paul

            The paid trolls are provided with the script cheating tools…

          • Hillary_2020

            Apparently more now than there was before…

  • There are no elections, only Selections.
    This is an internal struggle to remove the Chosen One, the chosen one by the 0.001% Rich Families that the Lower Mafia did not agree with. It has nothing to do with your “vote” or democracy. If voting changed anything, it would be illegal.
    WAKE UP SHEEPLE !!!