Articles about Wikileaks

Left-wing French presidential hopeful Emmanuel Macron has been hit by a "massive and coordinated" hack attack just before voters go to the polls. A 9GB cache of emails and photos was dumped as a torrent on Pastebin by a leaker by the name of EMLEAKS. The torrent was initially hosted on Archive.org.

It was quickly pulled offline, but not before it had spread far and wide on social media. Released just before midnight on Friday night, the leak was timed to prevent Macron from responding. French election rules forbid candidates from engaging in any form of campaigning immediately before polls open.

Continue reading →

WikiLeaks continues to release documents that reveal various hacking tools used by the CIA. After the HIVE revelations just over a week ago, the group has followed up with details of operations that were mentioned in the very first batch of Vault 7 leaks -- hacking Samsung televisions to listen in on people.

The documents suggest that the CIA's work is based on a tool developed by MI5 in the UK called Extending. The CIA went on to transform this into its own utility by the name of "Weeping Angel." WikiLeaks has published the guide to using the tool in a file marked "SECRET STRAP 2 UK EYES ONLY," and it describes how an implant is configured on a Linux PC before installing it on a target Samsung F Series smart TV.

Continue reading →

The CIA's range of hacking tools revealed as part of WikiLeaks' Vault 7 series of leaks have been used to conduct 40 cyberattacks in 16 countries, says Symantec. The security firm alleges that a group known as Longhorn has been using tools that appear to be the very same ones used by the CIA.

While it would be obvious to jump to the conclusion that the CIA was itself responsible for the attacks -- and that Longhorn is just a branch of the CIA -- Symantec opts for a rather more conservative evaluation of things: "there can be little doubt that Longhorn's activities and the Vault 7 documents are the work of the same group."

Continue reading →

The latest batch of documents published by WikiLeaks as part of its Vault 7 CIA series purportedly reveals the tools used by the agency to create malware for Windows. The Grasshopper framework is revealed in 27 documents, and they show how to create Windows installers with a malware payload.

Importantly, Grasshopper allows for the easy creation of custom malware delivery options, dependant on the operating system and virus protection detected on a target machine. The documents show that the CIA repurposed malware from Russian and Italian organized crime groups.

Continue reading →

Today, WikiLeaks publishes the third installment of its Vault 7 CIA leaks. We've already had the Year Zero files which revealed a number of exploits for popular hardware and software, and the Dark Matter batch which focused on Mac and iPhone exploits.

Now we have Marble to look at. A collection of 676 source code files, the Marble cache reveals details of the CIA's Marble Framework tool, used to hide the true source of CIA malware, and sometimes going as far as appearing to originate from countries other than the US.

Continue reading →

Yesterday WikiLeaks published the second batch of its Vault 7 documents, Dark Matter, revealing information about Apple-related hacks used by the CIA. This time around, the documents focus on hacks for MacBooks and iPhones, and comes two weeks after the initial batch of documents came to light.

Apple previously said that it had addressed "many of the issues" from the first Vault 7 leaks, and now the company has said much the same regarding the second batch. Despite promises from Julian Assange, it seems that WikiLeaks has not been in contact with Apple to provide further details about the exposed vulnerabilities.

Continue reading →

Within minutes of the electrons drying on my last column about the Wikileaks CIA document drop called Vault 7, Julian Assange came out with the novel idea that he and Wikileaks would assist big Internet companies with their technical responses to the obvious threats posed by all these government and third-party security hacks. After all, Wikileaks had so far published only documentation for the hacks, not the source code. There was still time! How noble of Assange and Wikileaks!

OR, Wikileaks has found a new business model. When organized crime offers assistance against a threat they effectively control it’s called a Protection Racket and is against the law pretty much everywhere.

Continue reading →

It's only a couple of weeks since WikiLeaks unleashed the first batch of its Vault 7 CIA documents, revealing the agency's spying and hacking capabilities. Now the organization has released a second cache of files dubbed Dark Matter, and they show that the CIA has developed tools for hacking Apple products.

Bold and exciting names like Sonic Screwdriver, DerStarke, Triton and DarkSeaSkies are the monikers given to attack the firmware of MacBooks and iPhones. What's particularly interesting about the documents is that they appear to show that the CIA had the ability to exploit Apple hardware and software a full decade ago.

Continue reading →

The CIA's hacking tools leaked in the WikiLeaks Vault 7 disclosure revealed vulnerabilities in a range of popular software titles. Julian Assange has said that his organization will share details of the zero days revealed in the documents with the respective technology companies, but it now transpires that there are certain conditions to meet first. It’s a situation that has more than a slight air of "ransom" to it.

Microsoft has initially complained that after the initial leak there had been no contact from either WikiLeaks or the CIA, but it seems that contact has now been made with the Windows-maker and other companies. Mozilla is among those to have been contacted and to have responded, and sources suggest that Assange has attached conditions to disclosing details of vulnerabilities.

Continue reading →

When WikiLeaks' Vault 7 revelations about the spying capabilities and techniques were unleashed, there was concern about a number of popular apps and services that -- the documents suggested -- had been compromised. Included in this list are popular, secure chat apps WhatsApp and Telegram, and Check Point software has just released details of a vulnerability that left millions of user accounts exposed to hackers.

Google was recently criticized for releasing details of a security hole in Windows (and, subsequently another one in Internet Explorer and Microsoft Edge) before Microsoft had patched it. In fact, it was a third party who jumped to the rescue, issuing patches before Microsoft. This time around, however, after notification of the problems from security firm Check Point, WhatsApp and Telegram both patched the security holes within a week.

Continue reading →

As pretty much anyone already knows, WikiLeaks has dropped a trove of about 8700 secret documents that purport to cover a range of CIA plans and technologies for snooping over the Internet -- everything from cracking encrypted communication products to turning Samsung smart TVs into listening devices against their owners.

Two questions immediately arise: 1) are these documents legit (they appear to be), and; 2) WTF does it mean for people like us, who aren’t spies, public officials, or soldiers of fortune? This latter answer requires a longer explanation but suffice it to say this news is generally not good for anyone, not even for spies unless they have been recently unemployed. But for some companies it will open up significant new business opportunities.

Continue reading →

The Vault 7 leaks this week suggest that the CIA has been able to exploit vulnerabilities in a wide range of popular hardware and software, including Windows, macOS and Linux. One of the suggestions is that the agency produced EFI (Extensible Firmware Interface) rootkits for MacBooks called DarkMatter.

To help calm the fears of MacBook owners, Intel Security has pushed out a tool to check for such rootkits. Apple issued a statement earlier this week indicating that it had addressed "many of the issues" exposed by WikiLeaks, but Intel Security's further intervention will bring some peace of mind to concerned users.

Continue reading →

Technology companies will be given access to the CIA's hacking tools revealed earlier in the week, Julian Assange said today. The WikiLeaks founder said that full details of the exploits used by the CIA would be shared with a view to allowing companies to patch the security holes.

Apple has already said that it has fixed many of the iOS vulnerabilities mentioned in the document cache, and we know that the CIA exploited vulnerabilities in all major operating systems as well as weaponizing numerous popular programs. While WikiLeaks has made certain details of the CIA's hacking tools public, it intends to share them in their entirety privately so software developers can create patches.

Continue reading →

Two days ago, WikiLeaks unleashed a treasure trove of data relating to the CIA's supposed arsenal of hacking tools. Code-named Vault 7, the "Year Zero" cache contains over 8,500 documents and files, and is, according to WikiLeaks, just the first batch. More content will be leaked over time.

While we know that the CIA’s zero day weapons could be used to exploit iPhones, Android devices, Windows PCs and even Samsung TVs, one of the hacking tools is particularly interesting.

Continue reading →

The FBI and CIA are working together on a joint investigation into the Vault 7 document cache published by WikiLeaks that supposedly reveals the CIA's hacking tools. Many of the companies mentioned in the documents for having exploitable vulnerabilities -- including Apple, the Linux Foundation, and Microsoft -- have spoken out about the leaks, but it has taken some time for the CIA itself to respond.

Speaking to the BBC, a CIA spokesperson said: "The American public should be deeply troubled by any Wikileaks disclosure designed to damage the intelligence community's ability to protect America against terrorists and other adversaries." FBI director James Comey has also spoken about the lack of privacy that now exists in the US.

Continue reading →