The documents allege the CIA took malware from other countries to hide its own fingerprints.
Wikileaks has published almost 9,000 documents from the CIA about the agency’s own malware used to hack into anyone’s electronics and spy on them. Most concerning? The CIA has malwarefrom Russia, and other countries, so it looks like an attack came from that country:
The CIA’s Remote Devices Branch’s UMBRAGE group collects and maintains a substantial library of attack techniques ‘stolen’ from malware produced in other states including the Russian Federation.
With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the “fingerprints” of the groups that the attack techniques were stolen from.
UMBRAGE components cover keyloggers, password collection, webcam capture, data destruction, persistence, privilege escalation, stealth, anti-virus (PSP) avoidance and survey techniques.
Wikileaks compares this style to that of finding the same “knife wound on multiple separate murder victims.” This evidence leads investigators to believe the same person committed each murder so when they apprehend the killer then they can solve the other murders.
WikiLeaks on Twitter
CIA organizational chart partly re-constructed by @WikiLeaks #Vault7 https://t.co/4R2Dh4ZzGN
WikiLeaks on Twitter
WikiLeaks’ #Vault7 reveals CIA ‘zero day’ attacks against iPhones, iPads (iOS) https://t.co/UEWWAWWV6K