WikiLeaks' Marble dump: Fresh leaks shows how CIA used tools to disguise hacks
Whistleblower Website WikiLeaks Has Revealed The US Central Intelligence Agency's (CIA) Hacking Tactics In Its Fresh Leak Of Documents Named 'Marble'.
Whistleblower website WikiLeaks has revealed the US Central Intelligence Agency's (CIA) hacking tactics in its fresh leak of documents named 'Marble'. The latest batch of documents includes 676 source code files for the CIA's secret anti-forensic Marble Framework. Marble is used to hamper forensic investigators and anti-virus companies from attributing viruses, trojans and hacking attacks to the CIA"Today, March 31st 2017, WikiLeaks releases Vault 7 "Marble" -- 676 source code files for the CIA's secret anti-forensic Marble Framework. Marble is used to hamper forensic investigators and anti-virus companies from attributing viruses, trojans and hacking attacks to the CIA.Marble does this by hiding ("obfuscating") text fragments used in CIA malware from visual inspection. This is the digital equivallent of a specalised CIA tool to place covers over the english language text on U.S. produced weapons systems before giving them to insurgents secretly backed by the CIA," the website said on its Twitter handle.
Read | WikiLeaks releases Vault 7 'Dark Matter' revealing CIA projects that infect Apple Mac Computer firmware"Marble forms part of the CIA's anti-forensics approach and the CIA's Core Library of malware code. It is "[D]esigned to allow for flexible and easy-to-use obfuscation" as "string obfuscation algorithms (especially those that are unique) are often used to link malware to a specific developer or development shop," it added. The website further explained that the Marble source code also includes a deobfuscator to reverse CIA text obfuscation. Combined with the revealed obfuscation techniques, a pattern or signature emerges which can assist forensic investigators attribute previous hacking attacks and viruses to the CIA. Marble was in use at the CIA during 2016. It reached 1.0 in 2015.
Read | CIA accuses WikiLeaks of endangering America by helping US rivalsThe source code shows that Marble has test examples not just in English but also in Chinese, Russian, Korean, Arabic and Farsi. This would permit a forensic attribution double game, for example by pretending that the spoken language of the malware creator was not American English, but Chinese, but then showing attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion, --- but there are other possibilities, such as hiding fake error messages.The Marble Framework is used for obfuscation only and does not contain any vulnerabilties or exploits by itself.
For all the Latest World News, Download News Nation Android and iOS Mobile Apps.
More from World
EUFSC President Konstantin Ishkhanov “Thrilled†to Announce Opening of InClassica Festival in Dubai
Maiden Al-Mohed Al-Hindi Exercise Set to Begin Between Indian Navy and Saudi Arabia Navy
Excellent job by India in reducing COVID-19 related deaths by clamping lockdown: Indian-American doc
Pak summons Indian diplomat over expulsion of 2 High Commission officials on espionage charges
Trump postpones G7 summit, wants India, others to join group