WikiLeaks has announced that the US Central Intelligence Agency (CIA) created a malware that could hack and impersonate other programs and certificates.
WikiLeaks published the CIA malware’s code, noting the agency’s hacking tool was created with the intention of impersonating the Russian cybersecurity company Kaspersky Lab anti-virus programs.
The CIA code, known as Hive, was designed to spy on users by cloaking its suspicious behavior as another program’s regular operations.
— WikiLeaks (@wikileaks) November 9, 2017
RT reports: The CIA multi-platform hacking suite ‘Hive’ was able to impersonate existing entities to conceal suspicious traffic from the user being spied on, the source code of the malicious program indicates, WikiLeaks said on Thursday.
The extraction of information would therefore be misattributed to an impersonated company, and at least three examples in the code show that Hive is able to impersonate Russian cybersecurity company Kaspersky Lab, WikiLeaks stated.
“If the target organization looks at the network traffic coming out of its network, it is likely to misattribute the CIA exfiltration of data to uninvolved entities whose identities have been impersonated,” WikiLeaks said in a statement.
WikiLeaks began to publish documents on Hive in April this year, exposing the elaborate malware suite used by the CIA to hack, record and even control modern hi-tech appliances worldwide. Kaspersky Lab has repeatedly been accused by US officials of being involved in alleged Russian state-run hacking of the US presidential election.
WikiLeaks began to publish ‘Hive’ documents in April this year, exposing the elaborated malware suite used by the CIA to hack, record and even control modern hi-tech appliances worldwide. The most recent revelations are particularly interesting, as Kaspersky Lab has been repeatedly accused by US officials of being involved in the alleged Russian state-supervised hacking plot.
In September, the US Department of Homeland Security (DHS) ordered all government agencies to stop using the company’s products and remove them from computers, citing “information security risks presented by the use of Kaspersky products on federal information systems.” Kaspersky Lab has repeatedly denied cooperating with any government entity including Russia, stating that its products simply cannot be used for spying as they lack any functionality beyond the advertised one. In an unprecedented move, the company even opened its source code to independent review last month.