- Dec 30, 2012
- 4,809
WikiLeaks published new alleged material from the CIA on Thursday, releasing source code from a tool called Hive, which allows its operators to control malware it installed on different devices. WikiLeaks previously released documentation pertaining to the tool, but this is the first time WikiLeaks has released extensive source code for any CIA spying tool.
This release is the first in what WikiLeaks founder Julian Assange says is a new series, Vault 8, that will release the code from the CIA hacking tools revealed as part of Vault 7.
“This publication will enable investigative journalists, forensic experts and the general public to better identify and understand covert CIA infrastructure components,” WikiLeaks said in its press release for Vault 8. “Hive solves a critical problem for the malware operators at the CIA. Even the most sophisticated malware implant on a target computer is useless if there is no way for it to communicate with its operators in a secure manner that does not draw attention.”
In March of this year, WikiLeaks revealed that it had obtained a cache of documents and hacking tools allegedly stolen from the CIA. The initial release was followed, in classic WikiLeaks style, by periodic new spills of docs and tools. But Assange and his colleagues decided not to publish code that might reveal unpatched bugs or vulnerabilities, so that these could be patched and so that people “can be secure.”
Instead, WikiLeaks contacted the affected companies to disclose them, but the negotiations with the companies—at least at the beginning—didn’t go very well, as WikiLeaks made demands without sharing information. Later, however, companies such as Cisco reported fixing vulnerabilities stemming from the leaks, indicating they either found them on their own or WikiLeaks finally told them.
Article
This release is the first in what WikiLeaks founder Julian Assange says is a new series, Vault 8, that will release the code from the CIA hacking tools revealed as part of Vault 7.
“This publication will enable investigative journalists, forensic experts and the general public to better identify and understand covert CIA infrastructure components,” WikiLeaks said in its press release for Vault 8. “Hive solves a critical problem for the malware operators at the CIA. Even the most sophisticated malware implant on a target computer is useless if there is no way for it to communicate with its operators in a secure manner that does not draw attention.”
In March of this year, WikiLeaks revealed that it had obtained a cache of documents and hacking tools allegedly stolen from the CIA. The initial release was followed, in classic WikiLeaks style, by periodic new spills of docs and tools. But Assange and his colleagues decided not to publish code that might reveal unpatched bugs or vulnerabilities, so that these could be patched and so that people “can be secure.”
Instead, WikiLeaks contacted the affected companies to disclose them, but the negotiations with the companies—at least at the beginning—didn’t go very well, as WikiLeaks made demands without sharing information. Later, however, companies such as Cisco reported fixing vulnerabilities stemming from the leaks, indicating they either found them on their own or WikiLeaks finally told them.
Article
