WikiLeaks’ Vault 8 Leaks Show CIA Impersonated Kaspersky Lab

November 10th, 2017 | By Waqas | Security, Leaks

WikiLeaks released the source code for Hive on Thursday. Hive is a CIA (Central Intelligence Agency) implant used in transferring exfiltrated information from target Windows machines. The technical details for Hive were released back on April 14th, 2017 in the Vault 7 series of documents.

The Vault 7 series was aimed at detailing the activities and hacking capabilities the CIA uses to perform electronic surveillance and cyber warfare. During the series, WikiLeaks released technical details on 23 tools that were allegedly used by the agency to hack Smart TVs, cars, web browsers, operating systems (including Windows, Mac, and Linux), smartphone operating systems (including Android and iOS), VLC player, webcams, and microphones.

However, the latest release has been carried out under the code name Vault 8. The Vault 8 series will only expose source code for previously leaked implants.

“This publication will enable investigative journalists, forensic experts, and the general public to better identify and understand covert CIA infrastructure components,” WikiLeaks said. “Hive solves a critical problem for the malware operators at the CIA. Even the most sophisticated malware implant on a target computer is useless if there is no way for it to communicate with its operators in a secure manner that does not draw attention,” said the official press release.

Hive works as a communication tool between malware and “cover domains.” These domains seem harmless and “perfectly-boring-looking” to visitors; however, traffic from implants communicating with these domains is sent to an implant operator management gateway called Honeycomb. The collected data is then sent back to the CIA.

According to WikiLeaks, the CIA used fake certificates to impersonate existing entities, including Kaspersky Lab.

“The three examples included in the source code build a fake certificate for the anti-virus company Kaspersky Laboratory, Moscow pretending to be signed by Thawte Premium Server CA, Cape Town. In this way, if the target organization looks at the network traffic coming out of its network, it is likely to misattribute the CIA exfiltration of data to uninvolved entities whose identities have been impersonated,” noted WikiLeaks.

New WikiLeaks publication reveals CIA wrote code to impersonate Kaspersky Labs anti-virus company https://t.co/EvE8GdyAmM pic.twitter.com/geigDgIDsk

— WikiLeaks (@wikileaks) November 9, 2017
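The misattribution risk described above comes from reading the subject and issuer names on a certificate as if they were proof of origin. The following is an added example, not code from the article or from WikiLeaks: it flags TLS records whose issuer names a well-known CA but whose chain did not validate. The log format, field names, addresses and hostnames are constructed for illustration, and the sensor is assumed to record the result of chain validation against its trust store.

```python
import json

# Constructed records, not real traffic. Field names are assumptions for this
# example; the subject/issuer names are the ones quoted in the article.
SAMPLE_LOG = """\
{"src": "10.0.4.17", "sni": "shop.example.org", "subject": "CN=shop.example.org", "issuer": "CN=Thawte Premium Server CA,L=Cape Town", "validation": "ok"}
{"src": "10.0.9.33", "sni": "blog.example.net", "subject": "O=Kaspersky Laboratory,L=Moscow", "issuer": "CN=Thawte Premium Server CA,L=Cape Town", "validation": "unable to verify the first certificate"}
{"src": "10.0.2.5", "sni": "printer.corp.example", "subject": "CN=printer.corp.example", "issuer": "CN=printer.corp.example", "validation": "self signed certificate"}
"""

# Issuer common names we expect to see only on certificates that validate.
KNOWN_PUBLIC_CAS = {"thawte premium server ca"}


def parse_dn(dn):
    """Split 'CN=a,O=b' into a dict. Assumes no escaped commas in values."""
    pairs = (part.split("=", 1) for part in dn.split(",") if "=" in part)
    return {key.strip().upper(): value.strip() for key, value in pairs}


def find_unbacked_issuer_claims(log_text, known_cas=KNOWN_PUBLIC_CAS):
    """Return records whose issuer names a known CA but whose chain did not validate.

    The issuer field is text chosen by whoever built the certificate; only the
    signature check against the real CA key (summarised here in 'validation')
    shows whether that CA actually issued it.
    """
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        issuer_cn = parse_dn(rec["issuer"]).get("CN", "").lower()
        if issuer_cn in known_cas and rec["validation"] != "ok":
            findings.append({
                "src": rec["src"],
                "sni": rec["sni"],
                "claimed_subject": rec["subject"],
                "claimed_issuer": rec["issuer"],
                "validation": rec["validation"],
            })
    return findings


if __name__ == "__main__":
    for hit in find_unbacked_issuer_claims(SAMPLE_LOG):
        print(json.dumps(hit))
```

A hit means the names on the certificate are unverified claims, so any attribution should rest on other evidence such as the destination and the internal host that opened the connection.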

Remember, the US government has banned Kaspersky Lab for its alleged links with Russia. However, after the release of Hive’s source code, it’s unclear if the CIA only impersonated Kaspersky Lab or also hacked its systems to frame the cybersecurity giant and bring Russia under fire.

Also, Israel played a vital role in hacking Kaspersky Lab. In October this year, it was reported that in 2015 Israeli spies managed to access Kaspersky’s backend systems and identified that Russian hackers were discreetly using the software both as a universal search engine and a spying tool.

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.