WikiLeaks may have dealt another blow to the CIA’s hacking operations by releasing files that allegedly show how the agency was masking its malware attacks.
WikiLeaks may have dealt another blow to the CIA’s hacking operations by releasing files that allegedly show how the agency was masking its malware attacks.
On Friday, the site dumped the source code to the Marble Framework , a set of anti-forensic tools that WikiLeaks claims the CIA used last year.
The files do appear to show “obfuscation techniques” that can hide CIA-developed malicious coding from detection, said Jake Williams, a security researcher at Rendition InfoSec, who has been examining the files.
Every hacker, from the government-sponsored ones to amateurs, will use their own obfuscation techniques when developing malware, he said.
But thanks to WikiLeaks, some of the CIA’s methods are out in the public. Security researchers will now have a resource to identify whether past malware samples have any ties to the U. S. spy agency, Williams said.
WikiLeaks has said the same. But the site is also drawing another conclusion with the source code: that the CIA can frame other countries for its malware attacks.
WikiLeaks points to how the CIA anti-forensic tools support other languages such as Chinese, Russian, Korean, Arabic and Farsi.
