Skip to Content

WikiLeaks exposes CIA’s global covert hacking program

The latest WikiLeaks' bombshell of CIA hacking practices, known as Vault 7 has been a wake-up call for computer users and IT giants.

Published: March 9, 2017, 5:17 pm

    Read more

    The international non-profit organisation has unveiled how the CIA has been busy hacking the entire world with spy tools allowing it to infect a target computer bypassing PSPs (Personal Security Product).

    The leaked files show how the US spy agency exploited vulnerabilities in well-known software and hardware platforms in order to take control over them, but also revealed details of the CIA’s ability to hide its own hacking fingerprint and attribute it to others.

    One of the files, entitled “Kaspersky ‘heapgrd’ DLL Inject,” describes such vulnerabilities of the Russian cybersecurity provider Kaspersky Lab.

    “The Kaspersky AVP.EXE process references a DLL called WHEAPGRD.DLL. This DLL is supposed to be located in one of the Kaspersky directories (which are protected by the PSP). Due to a UNICODE/ASCII processing mistake, the DLL name is prepended with the Windows installation drive letter, rather than the full path to the DLL. For typical installations, this causes Kaspersky to look for the DLL ‘CWHEAPGRD.DLL’ by following the standard DLL search path order. Loading our own DLL into the AVP process enables us to bypass Kaspersky’s protections,” the document reads, adding that “this vulnerability is limited to some of Kaspersky’s previous releases.”

    Another document reveals a screenshot of a “selected number of DLL misses from Kaspersky TDSS Killer Portable”.

    A Kaspersky Lab spokesperson the media the problem had been fixed in 2009 and that all new company products are subject to mandatory testing before release.

    Earlier Kaspersky Lab issued an official statement saying it was currently studying the latest leaks. “Kaspersky Lab is thoroughly studying the report published on WikiLeaks on March 7, 2017 in order to make sure that our clients are out of danger. The company pays special attention to such reports and statements.”

    Apple and Google rushed to dispel the mounting doubts about their products. “As we’ve reviewed the documents, we’re confident that security updates and protections in both Chrome and Android already shield users from many of these alleged vulnerabilities. Our analysis is ongoing and we will implement any further necessary protections. We’ve always made security a top priority and we continue to invest in our defenses,” Google’s Director of Information Security and Privacy told Recode.net.

    The leaks span the period between 2013 and 2016 and presents just the tip of the iceberg. “The CIA found itself building not just its now infamous drone fleet, but a very different type of covert, globe-spanning force — its own substantial fleet of hackers,” the WikiLeaks press release noted.

    “In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons,” WikiLeaks said.

    In a move that will likely spark further outrage, BuzzFeed reported that Nigel Farage visited the Wikileaks founder hiding in the Ecuadorian embassy in west London on Thursday. Julian Assange has been living there since he was granted asylum in 2012.

    Ecuador’s decision prevented Assange from being deported to Sweden to be questioned over sexual assault allegations and eventually turned over to the USA. The Wikileaks founder has been stranded there ever since, with British police keeping the building under 24/7 close surveillance.

    The former UKIP leader spent around 40 minutes in the building and left around midday accompanied by an aide. When questioned by BuzzFeed News, Farage said he couldn’t remember what he was doing in the building. Asked specifically if he had gone to the Knightsbridge building to meet with Assange, Farage said: “I never discuss where I go or who I see”.

    The allegations of “digital fingerprints” left behind by Russian hackers at any rate must now be dismissed as either fake or completely meaningless.

    The CIA’s Remote Devices Branch’s UMBRAGE group collects and maintains a substantial library of attack techniques “borrowed” from malware produced in other states including the Russian Federation.

    With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the “fingerprints” of the groups that the attack techniques were “borrowed” from.

    UMBRAGE components not only covers anti-virus (PSP) avoidance and survey techniques, but also keyloggers, password collection, webcam capture, data destruction, persistence, privilege escalation and stealth.

    One other document discusses hacking vehicle systems, appearing to indicate the CIA’s interest in hacking recent-model cars with sophisticated onboard computer systems.

    In a Facebook livestream, Assange confirmed that the information was obtained from an isolated computer at the CIA headquarters in Virginia. He described the loss as an “historic act of devastating incompetence” for the spy agency.

    He also suggested that former US President Barack Obama and current president Donald Trump might not even have known about it. He also questioned if the loss had been shared with companies such as Apple and Google, which were both made vulnerable by it.

    “WikiLeaks has a lot more information,” Assange said. “Once this material is effectively disarmed we will publish additional details about what has been occurring,” he added.

    WikiLeaks said 7 818 web pages and 943 attachments were published, but were just the first part of more material to come containing details of hacking tools used by the CIA. The organisation has also suggested that some of the data redacted from the initial release, such as all of the actual computer code, might be released in the near future.

    Ahead of the press conference today, the organisation asked people to tweet their questions about the leaks using the hashtag #AskWLwikileaks.

    The Chinese Foreign Ministry urged the US to stop “stop listening in, monitoring, stealing secrets and internet hacking”.

    The German government is examining the leaked data as well. In a statement, the German Foreign Ministry said that it was attempting to authenticate the documents.

    “We will initiate an investigation if we see evidence of concrete criminal acts or specific perpetrators,” said the German consulate’s office in the US. “We’re looking at it very carefully.”

    Consider donating to support our work

    Help us to produce more articles like this. FreeWestMedia is depending on donations from our readers to keep going. With your help, we expose the mainstream fake news agenda.

    Keep ​your language polite​. Readers from many different countries visit and contribute to Free West Media and we must therefore obey the rules in​,​ for example​, ​Germany. Illegal content will be deleted.

    If you have been approved to post comments without preview from FWM, you are responsible for violation​s​ of​ any​ law. This means that FWM may be forced to cooperate with authorities in a possible crime investigation.

    If your comments are subject to preview ​by FWM, please be patient. We continually review comments but depending on the time of day it can take up to several hours before your comment is reviewed.

    We reserve the right to del​ete​ comments that are offensive, contain slander or foul language, or are irrelevant to the discussion.

    Americas

    Does climate influence the spread of the Coronavirus?

    Studies and observations on the relationship between climate and the Covid-19 pandemic are multiplying. A cold and dry climate create the worst conditions, while temperatures above 18 degrees and a humid climate slows down the virus some say.

    Mearsheimer: The collapse of the liberal world order

    The days of liberal hegemony may be numbered. John J. Mearsheimer, one of the most important and influential scholars of international relations in the world and distinguished professor of Political Science at the University of Chicago, and one of the most famous exponents of the school of contemporary political realism, which has roots and tradition in Machiavelli and Hobbes, thinks so.

    World’s largest lithium mine will impact on geopolitics

    In Mexico, in the Sonora region, there is the largest lithium mine ever discovered so far in the world. Its probable reserves are estimated at 243,8 million tons and lithium carbonate, the mineral from which it is extracted the metal amounts to 4,5 million tons.

    Cyborg Soldiers 2050: The future of the Pentagon

    According to what has been formalized by the US Army's Combat Capabilities Development Command, the US military will be able to see the first enlistments made up of personnel which are half human and half machine, integrated into their military apparatus within ten years.

    US: Second Amendment Sanctuaries are exploding

    In the rural areas of Virginia, in the United States, citizens are clinging to guns and religion: They have voted overwhelmingly to declare their localities Second Amendment Sanctuaries.

    Culture wars: Pro-Israel supporters versus Groypers

    While the political mainstream in the United States has turned its attention to the impeachment of Donald Trump, something else has been happening from a conservative perspective: an ideological civil war has broken out in the right-wing camp.

    Greta Thunberg mural uses thousands of litres of noxious aerosol paint

    San FranciscoControversy has been following climate activist Greta Thunberg to San Francisco too. The American city is struggling with environmental issues, not the least of which is a human feces crisis on the streets currently plaguing inhabitants and terrible air quality.

    CNN not a source of news but a shameless propaganda outlet

    According to a conservative activist group, CNN has no interest in reporting news. The network is focused solely on anti-conservative propaganda.

    Ukraine-gate: Complaint form revised just days ahead of impeachment proceedings

    WashingtonThere is a strange coincidence regarding the recent whistleblower complaint filed by a CIA officer against President Trump and a revised complaint form.

    Appeal of 500 scientists: ‘There is no climate emergency’

    New YorkMore than 500 scientists have contradicted the thesis of man-made climate change in a letter to UN Secretary-General António Guterres.

    Go to archive