It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Today, 9 November 2017, WikiLeaks publishes the source code and development logs to Hive, a major

page: 1
18
<<   2 >>

log in

join
share:

posted on Nov, 9 2017 @ 01:42 PM
link   
Today, 9 November 2017, WikiLeaks publishes the source code and development logs to Hive, a major component of the CIA infrastructure to control its malware.






Hive provides a covert communications platform for a whole range of CIA malware to send exfiltrated information to CIA servers and to receive new instructions from operators at the CIA.





New WikiLeaks publication reveals CIA wrote code to impersonate Kaspersky Labs anti-virus company


Interesting timing with all the tweets about the CIA being on the OTHER team.



edit on 511130America/ChicagoThu, 09 Nov 2017 13:51:16 -0600000000p3042 by interupt42 because: (no reason given)




posted on Nov, 9 2017 @ 01:51 PM
link   
a reply to: interupt42

thanks for the info . will look for more



posted on Nov, 9 2017 @ 01:52 PM
link   
a reply to: interupt42


The implications are?



posted on Nov, 9 2017 @ 01:57 PM
link   

originally posted by: carewemust
a reply to: interupt42


The implications are?


Yea what's this all mean?



posted on Nov, 9 2017 @ 01:58 PM
link   

originally posted by: iTruthSeeker

originally posted by: carewemust
a reply to: interupt42


The implications are?


Yea what's this all mean?


Since the thread was started in the "Political News" forum, we can rule out UFO's, 911, etc.



posted on Nov, 9 2017 @ 02:10 PM
link   
Meaning, the CIA can now be hacked since their malware protection has been exposed? Sounds treasonous.



posted on Nov, 9 2017 @ 02:14 PM
link   

originally posted by: interupt42
Today, 9 November 2017, WikiLeaks publishes the source code and development logs to Hive, a major component of the CIA infrastructure to control its malware.



New WikiLeaks publication reveals CIA wrote code to impersonate Kaspersky Labs anti-virus company


Interesting timing with all the tweets about the CIA being on the OTHER team.





New WikiLeaks publication reveals CIA wrote code to impersonate Kaspersky Labs anti-virus company 





This summer: www.businessinsider.com...



The FBI interviewed at least a dozen employees of the elite Russian cybersecurity firm Kaspersky Lab on Tuesday night, visiting them at their homes on the east and west coasts to gather facts about how the company works



www.geek.com...



Since early this year, the Bureau has reportedly been meeting with energy and tech companies to warn them of the threat posed by the security provider, which officials claim can not be trusted to protect America’s critical infrastructure.


This story could be quite the twist if the CIA is imitating Kapersky, no?
edit on 9-11-2017 by RadioRobert because: (no reason given)



posted on Nov, 9 2017 @ 02:19 PM
link   

originally posted by: interupt42



New WikiLeaks publication reveals CIA wrote code to impersonate Kaspersky Labs anti-virus company


Interesting timing with all the tweets about the CIA being on the OTHER team.




Interesting, wasn't Kaspersky Labs just accused of doing bad things? Could it have been the CIA actually doing the dirty deeds and placing blame on Kaspersky?



posted on Nov, 9 2017 @ 02:24 PM
link   
a reply to: iTruthSeeker

It's source code for a CIA command and control system for its implants (the malware installed on hacked computers).

Just skimming the Wikileaks post, it looks like basically, the implants communicate through a proxy on a VPS (Virtual Private Server) running Apache (a web server) running on a commercial ISP. From there, the traffic is proxied to the Blot 4.0 server which in turn either proxies the connection to a "cover server" — a web server hosting the website of a mundane commercial entity, aka a plausible "cover" — or communicates with the command and control server ("Honeycomb") which in turn dumps logs to another server.

The upshot here is that all of the traffic looks like run-of-the-mill SSL-encrypted web traffic (HTTPS) and if the cover server is scrutinized, it looks innocuous.

It's not anything Earth-shattering really as far as these things go.
edit on 2017-11-9 by theantediluvian because: (no reason given)



posted on Nov, 9 2017 @ 02:28 PM
link   
a reply to: theantediluvian

That was alot to take in. Basically, the exposure is of the CIA's ability to hack other computers.



posted on Nov, 9 2017 @ 02:32 PM
link   
Russia is scared of something...

Hence WL doing this. LOL LOL LOL



posted on Nov, 9 2017 @ 02:34 PM
link   
a reply to: theantediluvian

Headline makes it LOOK alarming.

Propaganda doesn't need to actually be harmful.

It's the perception it creates that MATTERS.



posted on Nov, 9 2017 @ 02:37 PM
link   
a reply to: theantediluvian

SSL has been hacked since 2011. SSLScan is the new toy. Heck, some traffic send password and account names in plain text. No real hacking required; you just scan the stream for ascii characters and your in.

What the real kicker is, "What does the SSL traffic contain"?

Prolly the contents of your hard drive!



posted on Nov, 9 2017 @ 02:38 PM
link   

originally posted by: theantediluvian
a reply to: iTruthSeeker

It's source code for a CIA command and control system for its implants (the malware installed on hacked computers).

Just skimming the Wikileaks post, it looks like basically, the implants communicate through a proxy on a VPS (Virtual Private Server) running Apache (a web server) running on a commercial ISP. From there, the traffic is proxied to the Blot 4.0 server which in turn either proxies the connection to a "cover server" — a web server hosting the website of a mundane commercial entity, aka a plausible "cover" — or communicates with the command and control server ("Honeycomb") which in turn dumps logs to another server.

The upshot here is that all of the traffic looks like run-of-the-mill SSL-encrypted web traffic (HTTPS) and if the cover server is scrutinized, it looks innocuous.

It's not anything Earth-shattering really as far as these things go.


I read through those documents: *aws.com = Amazon Web Services

Perfect cover for creating a covert data stream; So many companies use these services - Internet web-cams, telemetry, auto-updates. It makes perfect sense and always the opportunity to throw something in at the same time.



posted on Nov, 9 2017 @ 02:42 PM
link   

originally posted by: JacKatMtn

originally posted by: interupt42



New WikiLeaks publication reveals CIA wrote code to impersonate Kaspersky Labs anti-virus company


Interesting timing with all the tweets about the CIA being on the OTHER team.






Interesting, wasn't Kaspersky Labs just accused of doing bad things? Could it have been the CIA actually doing the dirty deeds and placing blame on Kaspersky?



Thats is what is being suggested. With the recent leaks , craziness , and SA arrests I find the timing interesting if so.

edit on 051130America/ChicagoThu, 09 Nov 2017 15:05:06 -0600000000p3042 by interupt42 because: (no reason given)



posted on Nov, 9 2017 @ 02:48 PM
link   
a reply to: Justso

Sort of. Nothing about the penetration, it's all about how they communicate with the implants that are left behind (to control them and to exfiltrate data).

There's apparently also a tool that can be used to construct a fake cert and the source documentation includes examples that use Kaspersky Labs as the organization for the cert.

The insinuation from Wikileaks is that a fake cert in Kaspersky Labs name could be used to cause misattribution to the Russians. I suppose that might be true of somebody with mild brain damage but I suspect that WL is deliberately trying to muddy the waters and plant the idea of plausible deniability for the Russians.



posted on Nov, 9 2017 @ 02:50 PM
link   
a reply to: theantediluvian

Indeed.

Muddying the waters is what Russia is known for:

Spy Circles Suspect Kremlin Is Behind Dozenz of Fake Trump Sex Tapes



posted on Nov, 9 2017 @ 03:03 PM
link   
So this proves political rogues at CIA could mimic Russians.



posted on Nov, 9 2017 @ 03:11 PM
link   

originally posted by: TinfoilTP
So this proves political rogues at CIA could mimic Russians.


We already knew this.

Wikileaks keeps pushing this...

A ... tad suspicious if you ask me...




posted on Nov, 10 2017 @ 05:05 AM
link   

originally posted by: Justso
a reply to: theantediluvian

That was alot to take in. Basically, the exposure is of the CIA's ability to hack other computers.


YES, and perhaps this explains why the white house under trump announced all federal computers where to stop using kaspersky, they unreasonably blamed russian interference for the reason, but this makes it more plausible that the trump admin was actually trying to root out cia control over federal computers...




top topics



 
18
<<   2 >>

log in

join