Saturday, April 8, 2017
WIKILEAKS BUSTS CIA'S USE OF RUSSIAN MALWARE. HOW THE CIA FRAMED RUSSIA
Shocker! CIA can mimic Russian cyber hack!
I WASN'T SHOCKED.
WHEN THE FBI DISAGREED WITH THE CIA BACK IN FEBRUARY, AND INSINUATED THE "ATTACK" WAS AN INSIDE JOB, THEY LIKELY KNEW THE CIA WAS USING 'GRASSHOPPER'.
AFTER ALL, THE AGENCIES ARE NOTORIOUS FOR SPYING ON ONE ANOTHER.
WHEN DIPLOMATS, BRITISH AND AMERICAN, ADMITTED GIVING FILES TO WIKILEAKS TO PROVE THIS, EVERYONE LAUGHED, BUT THEY LIKELY KNEW WHAT THE CIA WAS UP TO LONG BEFORE WE DID.
IN YET ANOTHER "I TOLD YOU SO" MOMENT, IN CASE YOU MISSED THE WIKILEAKS RELEASE YESTERDAY, THEIR LATEST DUMP FROM "VAULT 7" ABSOLUTELY PROVES THE CIA USED STOLEN RUSSIAN MALWARE TO LEAVE A "RUSSIAN FINGERPRINT" ON THOSE DEMOCRATIC NATIONAL COMMITTEE (DNC) "HACKED" EMAILS.
BUT DID IT END THERE?
HOW MANY AMERICAN COMPUTERS DID THEY 'INFECT' REALLY?
THE CIA CALLED THEIR LITTLE OPERATION "GRASSHOPPER" AND ALSO DUBBED IT "STOLEN GOODS".
THEY STOLE IT FROM THE RUSSIANS AND USED IT AS RUSSIANS.
SAD THAT THEY COULDN'T INVENT THEIR OWN, YES?
WE ARE BEHIND THE RUSSIANS IN CYBERSPACE, TOO.
WHAT WIKILEAKS REVEALED IS A "REAL HUMDINGER"!
THIS LEAK FROM YESTERDAY IS TITLED "GRASSHOPPER", BUT OTHER RECENT LEAKS ARE LISTED BELOW THAT...IN CASE YOU MISSED IT, BECAUSE AMERICAN MAINSTREAM MEDIA HATES WIKILEAKS AND SELDOM HEADLINES ITS LEAKS.
Grasshopper - 7 April, 2017
Marble Framework - 31 March, 2017
Dark Matter - 23 March, 2017
IF YOU GIVE A TINKER'S EARTHEN DAM, GO READ IT ALL (IT'S ONLY 22 SHORT PAGES, A LOT OF TECHNICAL JARGON, BUT THE INTENT OF IT IS MIND-BLOWING) AT https://wikileaks.org/vault7/document/StolenGoods-2_1-UserGuide/page-5/#pagination.
KEEP IN MIND, THE PDF YOU FIND THERE AT WIKILEAKS IS IN THE CIA's OWN WORDS...WHAT THEY DID AND HOW THEY DID IT.
PAGE 14 TELLS THE "USERS" INSIDE THE AGENCY HOW THE STOLEN MALWARE WORKS AROUND VIRUS DETECTORS, INCLUDING KASPERSKY.
ALSO NOTE THAT THIS DOCUMENT FROM THE CIA IS DATED 14 JULY 2014.... SO THEY DID INDEED HAVE THE TECHNOLOGY IN 2015 AND 2016 TO DO EXACTLY WHAT SO MANY OTHERS INSIDE THE CIA, FBI, NSC, NSA HAVE SAID THEY DID... HACK INTO COMPUTERS OF THE TWO AMERICAN POLITICAL PARTIES, AND CONGRESS, AND THE SUPREME COURT.
SOMEBODY WAS EITHER MAKING SURE THAT HILLARY DID NOT WIN OR WAS TRYING TO KEEP TRUMP FROM WINNING, BUT THEY USED THE SOFTWARE AND THEY MADE IT APPEAR IT WAS A RUSSIAN JOB WHEN IT WAS AN INSIDE JOB, JUST AS SEVERAL WHISTLEBLOWERS HAVE STATED.
WHETHER THIS WAS A MISERABLE FAIL ON THE PART OF THE OBAMA ADMINISTRATION OR A MAJOR WIN FOR TRUMP SUPPORTERS INSIDE OUR 'SPY AGENCIES', FACTS ARE FACTS AND WE WILL GET MUCH MORE THAN THIS AS TIME GOES BY.
IF READING HOW THE CIA WAS USING THE "STOLEN GOODS" DOESN'T CAUSE YOUR BLOOD TO RUN COLD, I'D HAVE TO WONDER AT YOUR LACK OF PATRIOTISM, AS WE, THE PEOPLE, ARE TARGETS FOR THIS SINISTER GAME THEY'RE PLAYING.
YOU, I, ALL OF US CAN BE OR ALREADY ARE TARGETS, JUST LIKE TRUMP (OR HILLARY?).
"The release is the fourth in a series called ‘Vault 7’ which WikiLeaks claims contains documents taken from within the CIA. Releases so far include ‘Zero Days’ which detailed the CIA’s hacking of Samsung smart TVs and ‘Marble’, which allowed the CIA to disguise their hacks and attribute them to someone else, including Russia.
The latest release came with an emblem containing a grasshopper and the words: “Look before you leap,” a possible reference to how the latest leaked tools would allow the CIA to prepare a machine for future hacking, without raising suspicion.
In the WikiLeaks release, it is credited to Umbrage, a group within the CIA’s Remote Development Branch (RDB) which was linked in the ‘Year Zero’ release to collecting stolen malware and using it to hide its own hacking fingerprints.
The rootkits can be installed and used as a 'man on the inside' who can allow more malicious software through undetected in future, if the CIA felt it necessary. If suspicions were raised on initial installation, they would know not to proceed with a more extensive operation.
Also detailed in the release are Buffalo and Bamboo, modules that hide malware inside DLL’s, a collection of shared libraries, on a Windows system.
The two modules operate in slightly different ways: Buffalo runs immediately on installation whereas Bamboo requires a reboot to function properly.
The goal of today’s release is to help users seeking to defend their systems against any existing compromised security systems, Wikileaks stated.
TWEETS FROM WIKILEAKS YESTERDAY ANNOUNCED THE NEW DUMP.
CIA malware "Grasshopper" includes "Stolen Goods" which was taken from "suspected Russian organized crime" https://t.co/hZVjwtJvkB #Vault7 pic.twitter.com/b6Xd0VN1Rn — WikiLeaks (@wikileaks) April 7, 2017
RELEASE: CIA malware for Windows "Grasshopper" -- which includes its own language https://t.co/cuNOq3lH4N pic.twitter.com/VEgd8YhyGY — WikiLeaks (@wikileaks) April 7, 2017
CIA malware "Grasshopper" re-installs itself every 22 hours by corrupting Windows Update--even if it is disabled. https://t.co/NzCiyKkk6C pic.twitter.com/EhLy7QXeEq — WikiLeaks (@wikileaks) April 7, 2017
Also detailed in the release is ScheduledTask, a component of ‘Grasshopper’ that allows it to utilize Windows Task Scheduler to schedule executables.
The component would allow the executables to automatically run at startup or logon, before killing it at the end of its duration. Included in ScheduledTask are commands that allow the executables' names and description to be hidden.
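For readers who want to check their own machines for the kind of Task Scheduler persistence described above, here is an added example (not code from this post, from WikiLeaks or from the leaked documents) that reviews exported task definitions for startup or logon triggers, the hidden flag, a missing description and a stop-at-end-of-duration setting. The element names come from the Windows Task Scheduler XML schema; the two sample tasks are constructed, and reading "hidden" as the task's `Hidden` setting or an absent description is an assumption.

```python
import xml.etree.ElementTree as ET

NS = {"t": "http://schemas.microsoft.com/windows/2004/02/mit/task"}

# Constructed sample task definitions, written for this example only.
SUSPECT = """<Task xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <RegistrationInfo><Author>SYSTEM</Author></RegistrationInfo>
  <Triggers><LogonTrigger><Repetition>
    <Interval>PT1H</Interval><Duration>PT8H</Duration>
    <StopAtDurationEnd>true</StopAtDurationEnd>
  </Repetition></LogonTrigger></Triggers>
  <Settings><Hidden>true</Hidden></Settings>
  <Actions><Exec><Command>C:\\Users\\Public\\example.exe</Command></Exec></Actions>
</Task>"""

BENIGN = """<Task xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <RegistrationInfo><Description>Nightly backup</Description></RegistrationInfo>
  <Triggers><CalendarTrigger><StartBoundary>2017-04-08T02:00:00</StartBoundary>
    <ScheduleByDay><DaysInterval>1</DaysInterval></ScheduleByDay>
  </CalendarTrigger></Triggers>
  <Settings><Hidden>false</Hidden></Settings>
  <Actions><Exec><Command>C:\\Tools\\backup.exe</Command></Exec></Actions>
</Task>"""


def review_task(xml_text):
    """Return the review flags raised by one exported task definition."""
    root = ET.fromstring(xml_text)
    # Tasks that start at boot or at user logon.
    flags = [k for k in ("BootTrigger", "LogonTrigger")
             if root.find(f"t:Triggers/t:{k}", NS) is not None]
    if root.findtext("t:Settings/t:Hidden", "", NS).strip().lower() == "true":
        flags.append("Hidden")
    if not root.findtext("t:RegistrationInfo/t:Description", "", NS).strip():
        flags.append("NoDescription")
    # Trigger configured to stop the program when its duration ends.
    stops = root.iterfind("t:Triggers/*/t:Repetition/t:StopAtDurationEnd", NS)
    if any((s.text or "").strip().lower() == "true" for s in stops):
        flags.append("StopAtDurationEnd")
    return flags


def needs_review(xml_text):
    """Escalate tasks that autostart AND are hidden or undescribed."""
    flags = set(review_task(xml_text))
    return bool(flags & {"BootTrigger", "LogonTrigger"}) and \
        bool(flags & {"Hidden", "NoDescription"})


def commands(xml_text):
    """List the executables the task would launch."""
    root = ET.fromstring(xml_text)
    return [c.text for c in root.iterfind("t:Actions/t:Exec/t:Command", NS)]
```

Plenty of legitimate software also registers hidden logon tasks, so a flagged task is a prompt to look at the executable it launches, not proof of compromise.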
ON PAGE 15, THE CIA WAS CONFIDENT ALL PSPs COULD BE DEFEATED.
"Frankly speaking, all PSPs should be tested before deployment, as
signatures can change and cause alerts. SG2 has been resignatured several times to beat
PSPs, and can be resignatured again should an issue arise with a particular PSP."
ON PAGE 21, READ THIS:
"The following example shows how to configure SG2.1 with an ICEPICK DLL
payload, JediMindTricks driver payload, and to use the network component. The
resulting binary file will be written to 'winxp32_dsn.bin'. This assumes Vbr.exe has been
run to generate the proper .asm file, and the .asm file is in the same folder as
AND FOR THOSE WHO DON'T USE WINDOWS....YOU ARE NOT SAFE FROM THIS AT ALL...
"DarkSeaSkies" is "an implant that persists in the EFI firmware of an Apple MacBook Air computer" and consists of "DarkMatter", "SeaPea" and "NightSkies", respectively EFI, kernel-space and user-space implants.
While CIA assets are sometimes used to physically infect systems in the custody of a target it is likely that many CIA physical access attacks have infected the targeted organization's supply chain including by interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise."
NOW, ONLY BECAUSE OUR OWN MAINSTREAM MEDIA ARE TOO SCARED TO REPORT REAL NEWS ANYMORE, BECAUSE WE AMERICANS ARE KEPT MAYBE MORE IN THE DARK THAN THOSE IN, SAY, CHINA ARE, I SUBMIT THE FOLLOWING ARTICLES FOUND ON THE "RUSSIA TODAY" SITE.
YEAH, YEAH, I KNOW, "RUSSIAN PROPAGANDA AGAINST AMERICA", BUT GIVE IT A FEW DAYS TO MONTHS AND WE'LL FINALLY READ THE SAME THINGS IN TINY LITTLE ARTICLES SOMEWHERE ON AMERICAN MEDIA SITES.
TRUST ME...I'VE SEEN IT ALL HAPPEN BEFORE.
FOR EXAMPLE, YESTERDAY AND TODAY, AFTER I'D VISITED WikiLeaks I FOUND THE NEWS OF THIS LEAK ON A FINE LITTLE WEBSITE CALLED "TRUNEWS" (ONE OF THE FEW NEWS SITES I'D RECOMMEND TO FRIENDS), THEN FOUND IT ON THE BBC SITE, AND THEN THIS ONE: The Week Magazine.
AND A WEBSITE I GREATLY APPRECIATE FOR SAVING MY COMPUTER WHEN EVEN KASPERSKY FAILED ME, 'BLEEPING COMPUTERS', REPORTED THE LEAK, AS DID A FEW OTHER "TECHIE" SITES.
SO, YEAH, GO READ TODAY WHAT YOU WILL PROBABLY BE ABLE TO READ ON ANY AMERICAN NEWS SITE WITHIN THE NEXT MONTH.
THINK OF IT AS A "TIME MACHINE"...THE LAG BETWEEN WHAT IS KNOWN AND WHAT WE ARE FINALLY TOLD ONCE AMERICAN MSM FINDS A WAY TO "DELIVER THE NEWS SOFTLY" WITH WHATEVER SPIN THEY'RE INSTRUCTED TO USE TO SELL US THAT IT'S ALL OKAY.
READ MORE: #Vault7: WikiLeaks reveals ‘Marble’ tool could mask CIA hacks with Russian, Chinese, Arabic
READ MORE: #Vault7: How CIA steals hacking fingerprints from Russia & others to cover its tracks
READ MORE: WikiLeaks publishes #Vault7: 'Entire hacking capacity of the CIA'
[AS OF 04/17/2017: OUR SPINELESS MSM ARE STILL NOT REPORTING THIS VERY BIG NEWS!]
Posted by Waninahi at 7:28 PM