Articles about Wikileaks

It feels like it has been a while since we've had any NSA-related news -- interest in mass surveillance has been overtaken by other concerns. After a series of Vault 7 leaks from WikiLeaks about the organization, the NSA is now planning to release its GHIDRA framework, designed to reverse-engineer malware and other software, later in the year.

The framework will be available for Windows, macOS and Linux, and it is set to be demonstrated and publicly released at the RSAConference in March. While it might seem like a bad idea to release a tool that can be used to break down malware and see how it works -- and, therefore, create other similar attack tools -- the idea is actually to help increase security.

Continue reading →

The cryptocurrency exchange Coinbase has closed the account of the WikiLeaks Shop -- the official source of WikiLeaks merchandise -- citing violations of its terms of services.

WikiLeaks is not happy about this and is calling for a "global blockade" of Coinbase in protest, saying the exchange is an "unfit member of the crypto community". The WikiLeaks Shop has itself not been closed, and it is still able to accept Bitcoin payments -- just not via Coinbase.

Continue reading →

Still holed up in the Ecuadorian embassy in London, WikiLeaks founder Julian Assange has been given the snip. Ecuador took the decision to cut off the fugitive's internet connection, severing one of his lines of communication with the outside world.

Assange -- who a judge recently described as a man who "appears to consider himself above the normal rules of law" -- has been living in the embassy since 2012 when he was wanted for questioning in Sweden on sexual assault allegations. He has hidden away claiming he could be extradited to the US to face charges over WikiLeaks revelations, but he is also wanted by British police for skipping bail.

Continue reading →

A UK judge has refused to cancel a warrant for Julian Assange, meaning that the WikiLeaks founder still faces arrest if he leaves the Ecuadorian embassy in London where he has taken up residence. The judge said that Assange "appears to consider himself above the normal rules of law and wants justice only if it goes in his favor."

Assange skipped bail back in 2012, fearing extradition to Sweden where he faced rape charges, and further fearing being handed over to the US where he believes he faces charges of revealing state secrets. Although Sweden has since dropped charges, he could still be arrested in the UK for breaking his bail conditions.

Continue reading →

Following on from its Vault 7 series of leaks relating to CIA hacking tools, WikiLeaks has kicked off a new series -- Vault 8. The purpose of this latest series is to reveal the source code of previously exposed hacking and surveillance tools, and the first release relates to Hive.

The tool itself is interesting enough, serving as backbone to the CIA's malware operations, but there's more. What's intriguing about the first leak in the Vault 8 series is that it seems to show the agency impersonating Kaspersky, by making use of a fake certificate for the anti-virus company.

Continue reading →

The latest addition to WikiLeaks' Vault 7 cache of CIA documents and tools is a user guide for CouchPotato. This project is designed to capture RTSP/H.264 video streams, typically from networked cameras.

This is rather different to the approach taken with the Dumbo project which required physical access to a computer. The CouchPotato documentation is relatively recent, only dating back to February 14, 2014.

Continue reading →

Julian Assange has reached out to James Damore, the software engineer fired by Google for publishing an "anti-diversity manifesto." The WikiLeaks founder used his Twitter account (currently sporting a fake "verified" badge) to offer him a job.

Linking to an article entitled "Google Is Not What It Seems" about his book When Google Met Wikileaks, Assange said: "Censorship is for losers. @WikiLeaks is offering a job to fired Google engineer James Damore."

Continue reading →

WikiLeaks has published the latest installment of its cache of CIA documentation known as Vault 7. This time around we learn about Project Dumbo, a hacking tool which allows for the control of webcams and microphones.

Wired, Bluetooth and wireless devices can all be detected by Dumbo. In addition to this, Dumbo gives the CIA the ability to delete or corrupt recordings that have been made. WikiLeaks has published user guides for three versions of Dumbo, the most recent of which is dated June 2015.

Continue reading →

WikiLeaks has published the latest of its Vault 7 CIA leaks, this time looking at a project going by the name Imperial. The project is made up of three tools: Achilles and SeaPea which target OS X, and Aeris which targets various flavors of Linux, including RedHat, Debian and CentOS.

User guides relating to the two Mac tools date from mid-2011 and show they can be used to Trojanize an OS X disk image or install a persistent rootkit. Aeris was designed to provide a backdoor into Linux-based systems.

Continue reading →

Some four months after the first Vault 7 leak, WikiLeaks continues to publish revealing CIA documents that detail the agency's ability to hack, infiltrate and surveil targets. The latest batch goes under the banner "UCL / Raytheon", and comprises documents from CIA contractor Raytheon Blackbird Technologies.

Dating from late 2014 and late 2015, the documents show how the CIA, through Raytheon Blackbird Technologies, monitored malware in the wild to see how it could be used by the agency. The documents cover tools produced by the infamous Hacking Team as well as the Russian HammerToss malware delivered via Twitter.

Continue reading →

The latest addition to WikiLeaks' Vault 7 cache of leaked CIA documents details an app that can be used to intercept SMS messages on Android devices. The HighRise tool can grab messages before sending them on to a CIA-controlled server.

The app itself goes by the name of TideCheck and it serves as an SMS proxy to allow for the interception of messages on a target's phone. The app itself is password protected (with the word "inshallah") to prevent unwanted tinkering. It also seems to serve a dual purpose, acting as a secure communication channel for CIA operatives.

Continue reading →

The latest addition to WikiLeaks' Vault 7 cache of CIA tools and documents gives details of tools used by the agency to attack Windows and Linux computers. The BothanSpy and Gyrfalcon projects can be used to intercept and exfiltrate SSH (Secure Shell) credentials.

BothanSpy is used to target Windows, while Gyrfalcon is used for Linux machines, with both working in different ways. A number of popular distros can be hit by Gyrfalcon, including CentOS, Debian, RedHat, openSUSE and Ubuntu, and both tools function as implants that steal credentials before transmitting them to a CIA server.

Continue reading →

The Vault 7 leaks continue to flow thick and fast from WikiLeaks, shedding more and more light on the hacking and infiltration capabilities of the CIA. The latest batch details the OutlawCountry project which finds the CIA targeting Linux systems.

With Linux-based operating systems usually lauded for their impenetrability, news of a possible chink in the armour will undoubtedly cause concern. With OutlawCountry, it seems the CIA was able to redirect network traffic from a target machine to an agency-controlled machine for infiltration.

Continue reading →

Wikileaks has released a batch of documents from the middle of 2012 revealing details of the CIA's CherryBlossom project. A joint venture with the Stanford Research Institute, the CherryBlossom files show how the agency can take remote control of routers and other networking devices from numerous manufacturers, transforming them into listening devices.

CherryBlossom also enables the CIA to interfere with both incoming and outgoing traffic. Passwords present little obstacle in many cases and the fact that remote infection is possible makes the implant very simple to install. The documents reveal how the CIA can home in on a target using information such as MAC address, email address, or even chat handles.

Continue reading →

WikiLeaks continues to release revealing documents from its Vault 7 cache. This time around the organization introduces us to a CIA tool called Archimedes -- previously known as Fulcrum.

As before, there is little to confirm whether or not the tool is still in active use -- or, indeed, if it has actually ever been used -- but the documentation shows how it can be installed on a LAN to perform a man-in-the-middle attack.

Continue reading →