21st Century Wire says…
Over the past month, Wikileaks reportedly gathered much of the CIA’s cyber hacking capabilities in their Wikileaks ‘Vault 7’ publication under the moniker Year Zero. Now the transparency seeking website, has published “676 source code files for the CIA’s secret anti-forensic Marble Framework,” in part 3 of its series.
RT reports the following:
“WikiLeaks’ latest batch of documents, named ‘Marble’, details CIA hacking tactics and how they can hamper forensic investigators from attributing viruses, trojans and hacking attacks to the spy agency . The tool was in use as recently as 2016.”
While there continues to be many unknowns associated with this latest CIA centered leak, there are a quite a few things to consider. The Wikileaks Vault 7 series is said to be bigger than the Snowden revelations as the largest publication of classified intelligence in history. Furthermore, the CIA’s anti-forensic ‘Marble Framework’ is yet another curious discovery regarding the nature of US government hacking if true.
The new information concerning the CIA’s Marble, comes a week after Wikileaks published information about the intelligence agency’s espionage related program Dark Matter – alleged techniques used to deliberately compromise Apple products.
In a 21WIRE report entitled “BIGGER THAN SNOWDEN: Wikileaks ‘Vault 7’ Classified CIA leak – What Does It Mean?,” we analyzed the impact of Wikileaks Vault 7 release as well as its relation to other forensic mysteries, even though some of the content exposed in part one of Year Zero revealed what many in new media and other investigative fields have suspected to be technologically possible for years.
The Vault 7 documents continue to identify specific cyber weapons, hacking systems, viruses and malware created by the CIA that can be used on just about anyone or any entity.
In October of 2016, a wave of distributed denial of service (DDoS) attacks hit some of the top online companies and websites including Amazon, Netflix, Twitter and Reddit. At the time, we suggested that “one cannot rule out the very real possibility that this a staged-managed event, especially when you consider The New York Times was listed among those affected.”
QUESTION: Is it possible that the CIA may have been involved somehow in the DDoS attacks in America?
After mostly brushing of the initial claims of Vault 7, establishment media now appears to be in a panic over this recent release. In addition, the newly released Marble details come as the Trump administration appears to be at odds with the CIA over its foreign policy decisions in Syria.
More from Zero Hedge below…
‘SPOTLIGHT’ – Julian Assange of Wikileaks. (Image Source: bbci.co.uk)
WikiLeaks Reveals “Marble”: Proof CIA Disguises Their Hacks As Russian, Chinese, Arabic…
WikiLeaks’ latest Vault 7 release contains a batch of documents, named ‘Marble’, which detail CIA hacking tactics and how they can misdirect forensic investigators from attributing viruses, trojans and hacking attacks to their agency by inserted code fragments in foreign languages. The tool was in use as recently as 2016. Per the WikiLeaks release:
“The source code shows that Marble has test examples not just in English but also in Chinese, Russian, Korean, Arabic and Farsi. This would permit a forensic attribution double game, for example by pretending that the spoken language of the malware creator was not American English, but Chinese, but then showing attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion, — but there are other possibilities, such as hiding fake error messages.”
The latest release is said to potentially allow for ‘thousands‘ of cyber attacks to be attributed to the CIA which were originally blamed on foreign governments.
WikiLeaks said Marble hides fragments of texts that would allow for the author of the malware to be identified. WikiLeaks stated the technique is the digital equivalent of a specialized CIA tool which disguises English language text on US produced weapons systems before they are provided to insurgents.
It’s “designed to allow for flexible and easy-to-use obfuscation” as “string obfuscation algorithms” often link malware to a specific developer, according to the whistleblowing site.
The source code released reveals Marble contains test examples in Chinese, Russian, Korean, Arabic and Farsi.
“This would permit a forensic attribution double game, for example by pretending that the spoken language of the malware creator was not American English, but Chinese, but then showing attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion,” WikiLeaks explains, “But there are other possibilities, such as hiding fake error messages.”
The code also contains a ‘deobfuscator’ which allows the CIA text obfuscation to be reversed. “Combined with the revealed obfuscation techniques, a pattern or signature emerges which can assist forensic investigators attribute previous hacking attacks and viruses to the CIA.”
Previous Vault7 releases have referred to the CIA’s ability to mask its hacking fingerprints.
WikiLeaks claims the latest release will allow for thousands of viruses and hacking attacks to be attributed to the CIA.