Jump to content

Vault 7: Difference between revisions

From Wikipedia, the free encyclopedia
Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
AnomieBOT (talk | contribs)
Bots
6,412,608 edits
m Dating maintenance tags: {{Primary sources}}
RebelSkum (talk | contribs)
22 edits
→‎Vehicle control systems: Updated to include information on the CIA's targeting of QNX systems and their relation to Michael Hastings as well as other technologies
Line 100: Line 100:
=== Vehicle control systems ===
=== Vehicle control systems ===
{{See also|Car hacking}}
{{See also|Car hacking}}
One document reportedly showed that the CIA was researching ways to infect vehicle control systems. WikiLeaks stated, "The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations."<ref name="NZ Herald">{{cite web|title=WikiLeaks 'Vault 7' dump reignites conspiracy theories surrounding death of Michael Hastings|url=http://www.nzherald.co.nz/world/news/article.cfm?c_id=2&objectid=11814476|work=The New Zealand Herald|author=|date=8 March 2017|access-date=8 March 2017}}</ref><ref name="Fox 17 Mar 2017 Vault7" /> This statement brought renewed attention to [[conspiracy_theory|conspiracy theories]] surrounding the [[Michael Hastings (journalist)#Death|death of Michael Hastings]].<ref>{{Cite web |url=http://heavy.com/news/2017/03/wikileaks-vault-7-remote-car-hack-assassination-michael-hastings-conspiracy/ |title=WikiLeaks Vault 7 Conspiracy: Michael Hastings Assassinated by CIA Remote Car Hack? |last=Prince |first=S. J. |date=7 March 2017 |website=Heavy.com |access-date=8 March 2017}}</ref><ref name="NZ Herald" />
One document reportedly showed that the CIA was researching ways to infect vehicle control systems. WikiLeaks stated, "The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations."<ref name="NZ Herald">{{cite web|title=WikiLeaks 'Vault 7' dump reignites conspiracy theories surrounding death of Michael Hastings|url=http://www.nzherald.co.nz/world/news/article.cfm?c_id=2&objectid=11814476|work=The New Zealand Herald|author=|date=8 March 2017|access-date=8 March 2017}}</ref><ref name="Fox 17 Mar 2017 Vault7" /> This statement brought renewed attention to [[conspiracy_theory|conspiracy theories]] surrounding the [[Michael Hastings (journalist)#Death|death of Michael Hastings]].<ref>{{Cite web |url=http://heavy.com/news/2017/03/wikileaks-vault-7-remote-car-hack-assassination-michael-hastings-conspiracy/ |title=WikiLeaks Vault 7 Conspiracy: Michael Hastings Assassinated by CIA Remote Car Hack? |last=Prince |first=S. J. |date=7 March 2017 |website=Heavy.com |access-date=8 March 2017}}</ref><ref name="NZ Herald" /> This is because Michael Hastings' car, a 2013 Mercedes C250 Coupé, had over 20 known vulnerabilities from its QNX-manufactured automotive operating system.<ref>{{Cite web|url=http://www.eetimes.com/messages.asp?piddl_msgthreadid=42296&piddl_msgid=257920|title=How Hackers Can Take Control Over Your Car {{!}} EE Times|website=EETimes|access-date=2017-03-20}}</ref> Apparently QNX's operating systems were specifically targeted by the CIA as can be found in meeting notes released in Vault 7.<ref>{{Cite web|url=https://wikileaks.org/ciav7p1/cms/page_13763790.html|title=2014-10-23 Branch Direction Meeting notes|website=wikileaks.org|language=en|access-date=2017-03-20}}</ref>

It has been claimed that QNX Car2 systems are also used in trains and nuclear reactors.<ref>{{Cite web|url=http://www.911forum.org.uk/board/viewtopic.php?t=21970&sid=a02897090da291a6b23103f90287c3ac|title=9/11, 7/7 & the War on Freedom :: View topic - McChrystal journalist Michael Hastings dies in 'car crash'|website=www.911forum.org.uk|access-date=2017-03-20}}</ref>


=== Weeping Angel ===
=== Weeping Angel ===

Revision as of 00:52, 20 March 2017

Seal of the Central Intelligence Agency (CIA) to which the information released in Vault 7 pertains.

Vault 7 is a series of documents that WikiLeaks began to release on 7 March 2017, that detail activities and capabilities of the United States Central Intelligence Agency to perform electronic surveillance and cyber warfare. The files, dated from 2013–2016, include details on the agency's software capabilities, such as the ability to compromise smart TVs,[1] web browsers (including Firefox, Google Chrome, and Microsoft Edge), and the operating systems of most smartphones (including Apple's iOS and Google's Android), as well as other operating systems such as Microsoft Windows, macOS, and Linux.

Background

WikiLeaks started teasing the release of "Vault 7" in early February 2017 with a series of cryptic tweets.[2] On 16 February 2017, WikiLeaks released CIA documents describing how the CIA monitored the 2012 French presidential election.[3] The press release for this leak stated it was published "as context for its forthcoming CIA Vault 7 series."[4]

On 8 March 2017 US intelligence and law enforcement officials said to the international news agency Reuters that they have been aware of the CIA security breach, which led to the Vault 7 since late 2016. The two officials said they were focusing on "contractors" as the likeliest source of the leak.[5]

Release

The first batch of documents to be released consisted of 7,818 web pages with 943 attachments, purportedly from the Center for Cyber Intelligence,[6] which already contains more pages than former NSA contractor and leaker, Edward Snowden's NSA release.[7] WikiLeaks did not name the source, but said that the files had "circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive."[1] According to WikiLeaks, the source "wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons" since these tools raise questions that "urgently need to be debated in public, including whether the C.I.A.'s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency."[1]

WikiLeaks redacted names and other identifying information from the documents before their release,[1] while attempting to allow for connections between people to be drawn via unique identifiers generated by WikiLeaks.[8] It also said that it would postpone releasing the source code for the cyber weapons, which is reportedly several hundred million lines long, "until a consensus emerges on the technical and political nature of the C.I.A.'s program and how such 'weapons' should be analyzed, disarmed and published."[1] WikiLeaks founder Julian Assange claimed this was only part of a larger series.[7]

The CIA released a statement saying, "The American public should be deeply troubled by any WikiLeaks disclosure designed to damage the Intelligence Community's ability to protect America against terrorists or other adversaries. Such disclosures not only jeopardize US personnel and operations, but also equip our adversaries with tools and information to do us harm."[9]

According to Assange in a 9 March press release only 1% of the total leak has been released. He states that much of the remainder of the leak included unpatched vulnerabilities but that he was working with Microsoft, Apple and Google to get these vulnerabilities patched as he would not release information which would put the public at risk, and as fixes were released by manufacturers he would release details of vulnerabilities. As such, none of the vulnerabilities currently released are zero-day exploits. In this press release Assange also read an official statement by Microsoft which stated Microsoft's desire for the "next Geneva Convention" which would protect people from government cyber weapons the same way the previous Geneva Conventions have protected noncombatants from warfare.[10]

Authenticity

Tucker Carlson: "So, 51,000 people retweeted that. So a lot of people thought that was plausible, they believe you, you're the President -- you're in charge of the agencies. Every intelligence agency reports to you. Why not immediately go to them and gather evidence to support that?"

Donald Trump: "Because I don't want to do anything that's going to violate any strength of an agency. We have enough problems.

And by the way, with the CIA, I just want people to know, the CIA was hacked, and a lot of things taken -- that was during the Obama years. That was not during us. That was during the Obama situation. Mike Pompeo is there now doing a fantastic job."

— transcript, Tucker Carlson Tonight, March 16, 2017, (Fox News)[11]

When asked about their authenticity, former Director of the Central Intelligence Agency Michael Hayden replied that the organization does "not comment on the authenticity or content of purported intelligence documents."[1] However, speaking on condition of anonymity, current and former intelligence officials said that the documents appear to be genuine.[12] According to Snowden, the documents "look authentic."[13] Robert M. Chesney, a law professor at the University of Texas and Director of the Technology and Public Policy Program at the Center for Strategic and International Studies (CSIS), likened the Vault 7 to NSA hacking tools disclosed in 2016 by a group calling itself The Shadow Brokers.[1]

On March 15, 2017, President Donald Trump stated during an interview that "the CIA was hacked, and a lot of things taken".[14] The following day in a statement, the Ranking Member of the House Intelligence Committee implied that Trump, while holding the executive power to declassify state intelligence at his discretion, had recklessly discussed the leak.[15]

Dates in the Vault 7 Year Zero documents suggesed that the CIA compromise happened in February or March of 2016.[16]

Journalism

Wikileaks's said-motivation behind the release of Vault 7 without having stories already written about it, is to have journalists look for themselves, so as "to create expertise in the area for subsequent parts in the series", adding that leads are more than plentiful if journalists and academics were to just look. [17]

Organization of US cyber warfare

WikiLeaks said that the documents came from "an isolated, high-security network situated inside the CIA's Center for Cyber Intelligence (CCI) in Langley, Virginia."[18] The documents allowed WikiLeaks to partially determine the structure and organization of the CCI. The CCI reportedly has an entire unit devoted to compromising Apple products.[13]

Frankfurt base

The first portion of the documents made public on 7 March 2017, Vault 7 "Year Zero", revealed that a top secret CIA unit used the German city of Frankfurt as the starting point for hacking attacks on Europe, China and the Middle East. According to the documents, the US government uses its Consulate General Office in Frankfurt as a hacker base for cyber operations. This diplomatic representation was known to be the largest US consulate worldwide, in terms of both personnel and facilities, and has played a prominent role in the US government's intelligence architecture for years. The intelligence personnel including CIA agents, NSA spies, military secret service personnel, the United States Department of Homeland Security employees and the Secret Service employees are working in the building complex with high walls and barbed wire in the north of the city. In a radius of about 40 kilometers around Frankfurt, the Americans had also established a dense network of outposts and shell companies in Frankfurt. WikiLeaks documents reveal the Frankfurt hackers, part of the Center for Cyber Intelligence Europe (CCIE), were given cover identities and diplomatic passports to obfuscate customs officers to gain entry to Germany.[13][19]

The chief Public Prosecutor General of the Federal Court of Justice in Karlsruhe Peter Frank announced on 8 March 2017 that the government was conducting a preliminary investigation to see if it will launch a major probe into the activities being conducted out of the consulate and also more broadly whether people in Germany are being attacked by the CIA.[20][10] Germany's foreign minister Sigmar Gabriel from the Social Democratic Party responded to the documents of Vault 7 "Year Zero" that the CIA used Frankfurt as a base for its digital espionage operations, saying that Germany did not have any information about the cyber attacks.[21]

UMBRAGE

The documents reportedly revealed that the agency had amassed a large collection of cyberattack techniques and malware produced by other hackers. This library was reportedly maintained by the CIA's Remote Devices Branch's UMBRAGE group, with examples of using these techniques and source code contained in the "Umbrage Component Library" git repository. According to WikiLeaks, by recycling the techniques of third-parties though UMBRAGE, the CIA can not only increase its total number of attacks,[22] but can also mislead forensic investigators by disguising these attacks as the work of other groups and nations.[1][13] Among the techniques borrowed by UMBRAGE was the file wiping implementation in the Shamoon. According to PC World, some of the techniques and code snippets have been used by CIA in its internal projects, whose end result cannot be inferred from the leaks. PC World noted that the practice of planting "false flags" to deter attribution was not a new development in cyberattacks: Russian, North Korean and Israeli hacker groups are among those suspected of using false flags.[23]

According to a study by Kim Zetter in The Intercept, UMBRAGE was probably much more focused on speeding up development by repurposing existing tools, rather than on planting false flags.[22] Robert Graham, CEO of Errata Security told The Intercept that the source code referenced in the UMBRAGE documents is "extremely public", and is likely used by a multitude of groups and state actors. Graham added: "What we can conclusively say from the evidence in the documents is that they're creating snippets of code for use in other projects and they're reusing methods in code that they find on the internet. [...] Elsewhere they talk about obscuring attacks so you can't see where it's coming from, but there's no concrete plan to do a false flag operation. They're not trying to say 'We're going to make this look like Russia'."[24]

False flag theories

On the day the Vault 7 documents were first released, WikiLeaks described UMBRAGE as "a substantial library of attack techniques 'stolen' from malware produced in other states including the Russian Federation," and tweeted, "CIA steals other groups virus and malware facilitating false flag attacks".[25] A conspiracy theory soon emerged alleging that the CIA framed the Russian government for interfering in the 2016 U.S. elections. Conservative commentators such as Sean Hannity and Ann Coulter speculated about this possibility on Twitter, and Rush Limbaugh discussed it on his radio show.[26] Russian foreign minister Sergey Lavrov said that Vault 7 showed that "the CIA could get access to such 'fingerprints' and then use them.[25]

Cybersecurity writers such as Ben Buchanan and Kevin Poulsen were skeptical of these theories.[27][3] Poulsen wrote, "The leaked catalog isn't organized by country of origin, and the specific malware used by the Russian DNC hackers is nowhere on the list."[3]

Compromised technology and software

Apple Airport Extreme & Time Capsule

HarpyEagle is a tool designed to gain root access on an Apple Airport Extreme and Time Capsule via local and/or remote means to install a persistent rootkit into the flash storage of the devices.[28]

Facedancer21, a component of HarpyEagle, is a client for keyboard emulation. You are able to send keystrokes to the host device as if you were typing them into a keyboard.[29]

CDs/DVDs

HammerDrill is a CD/DVD collection tool that collects directory walks and files to a configured directory and filename pattern as well as logging CD/DVD insertion and removal events. v2.0 adds a gap jumping capability that Trojans 32-bit executables as they are being burned to disc by Nero. Additionally, v2.0 adds an status, termination and an on-demand collection feature controlled by HammerDrillStatus.dll, HammerDrillKiller.dll and HammerDrillCollector.dll. The logging now also fingerprints discs by hashing the first two blocks of the ISO image, which enables unique identification of multi-sessions discs even as data is added and removed. The log also logs anytime a HammerDrill trojaned binary is seen on a disc.[30]

iFrames/Embedded website media

Bee Sting is a discrete tool for injecting data in to iFrame media.[31] This would be coupled with something like Flash Bang to deliver a payload discretely through iFrame media (embedded videos, games, etc.).

Flash Bang is a tool designed to be able to migrate from a browser process (using sandbox breakout), escalate privileges, and memory load a NOD Persistence Spec dll file, basically hacking a target system and setting up a persistent backdoor through iframe media.[32]

Mac OSX

DerStarke appears to be a suite for discretely and persistently monitoring a target device, allowing the attacker to discretely connect to the Internet and thus beacon back to the attacker's device. Unlike typical Windows packages which do similar things, DerStarke was developed for Mac OSX Mavericks.[33]

YarnBall is a client for intercepting USB keyboard traffic for keylogging purposes on primarily Apple devices. The user can then move this data to a discrete storage device curiously labeled as, NyanCat.[34]

Network Routers

Numerous tools and projects discussed in Vault 7's "Year Zero" were designed specifically to hack, monitor and control network routers. Listed are a few manufacturers and the models that were targeted specifically.

Cisco

JQJSTEPCHILD was either a tool or a project to discretely exploit and take over Cisco 2911 routers.[35]

MikroTik

The Network Devices Branch appears to have been involved in trying to exploit vulnerabilities in MikroTik's Hotspot and Paywall networking features and MikroTik routers.[36] It appears these are in use in Latvia and other European countries.[37]

The software tool used to do this appears to have been primarily Perseus.[38]

Smartphones

The electronic tools can reportedly compromise both Apple's iOS and Google's Android operating systems. By adding malware to the Android operating system, the agency can gain access to secure communications made on a device.[39]

Apple stated that "many of the issues leaked today were already patched in the latest iOS," and that the company "will continue work to rapidly address any identified vulnerabilities."[40]

Messaging services

According to WikiLeaks, once an Android smartphone is penetrated the agency can collect "audio and message traffic before encryption is applied".[1] Some of the agency's software is reportedly able to gain access to messages sent by instant messaging services.[1] This method of accessing messages differs from obtaining access by decrypting an already encrypted message.[39] While the encryption of messengers that offer end-to-end encryption, such as Telegram, WhatsApp and Signal, wasn't reported to be cracked, their encryption can be bypassed by capturing input before their encryption is applied, by methods such as keylogging and recording the touch input from the user.[39] Commentators, among them Snowden and cryptographer and security pundit Bruce Schneier, observed that Wikileaks incorrectly implied that the messaging apps themselves, and their underlying encryption, had been compromised - an implication which was in turn reported for a period by the New York Times and other mainstream outlets.[41][1]

UEFI

Copy-and-paste code was included in the leaks which allow for the exploitation of UEFI-based boot systems by altering the operating system's kernel which is loaded into memory before exiting the UEFI boot sequence. The copy-and-paste code allows for an attacker to insert a custom hook which can be used to arbitrarily alter the operating system's kernel in memory immediately before execution control is handed to the kernel.[42]

Vehicle control systems

See also: Car hacking

One document reportedly showed that the CIA was researching ways to infect vehicle control systems. WikiLeaks stated, "The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations."[43][13] This statement brought renewed attention to conspiracy theories surrounding the death of Michael Hastings.[44][43] This is because Michael Hastings' car, a 2013 Mercedes C250 Coupé, had over 20 known vulnerabilities from its QNX-manufactured automotive operating system.[45] Apparently QNX's operating systems were specifically targeted by the CIA as can be found in meeting notes released in Vault 7.[46]

It has been claimed that QNX Car2 systems are also used in trains and nuclear reactors.[47]

Weeping Angel

One of the software suites, reportedly code-named "Weeping Angel", is reportedly able to use Samsung smart televisions as covert listening devices. In June 2014, the CIA held a joint workshop with British intelligence's MI5 to improve the "Weeping Angel" hack, which appears to have specifically targeted Samsung's F8000 series TVs released in 2013. It would allow an infected smart television to be used "as a bug, recording conversations in the room and sending them over the internet to a covert C.I.A. server" even if it appears to be off.[1]

Windows

The documents refer to a "Windows FAX DLL injection" exploit in Windows XP, Windows Vista and Windows 7 operating systems.[6] This would allow a user with malicious intents to hide its own malware under the DLL of another application. However, a computer must have already been compromised through another method for the injection to take place.[48]

Also included within the leaks were copy-and-paste code which allowed for privilege escalation in a Windows 7 environment. This code allows an attacker to bypass the normal User Account Control (UAC) window which is displayed when a program is attempting to run with administrative privileges essentially allowing arbitrary code to be executed with administrative privileges without the end user's knowledge.[49]

Commentary

Lee Mathews, a contributor to Forbes, wrote that most of the hacking techniques described in Vault 7 were already known to many cybersecurity experts.[50]

Some note that the revealed techniques and tools are most likely to be used for targeted surveillance[51][52] rather than the NSA's mass surveillance techniques revealed by Edward Snowden.[53] In a press conference Assange states that while the leaks' content "at least means that they have to engage in targeted attacks which is more expensive and might have more order trail" he also states they have exposed the CIA's "automated implant branch" which not just develops and uses viruses "but also automates how that is done" which may approach the level of bulk intersection.[10]

Edward Snowden commented on the importance of the release, stating that it reveals the United States Government to be "developing vulnerabilities in US products" and "then intentionally keeping the holes open", which he considers highly reckless.[54]

Nathan White, Senior Legislative Manager at the Internet advocacy group Access Now, writes:[55]

Today, our digital security has been compromised because the CIA has been stockpiling vulnerabilities rather than working with companies to patch them. The United States is supposed to have a process that helps secure our digital devices and services — the 'Vulnerabilities Equities Process.' Many of these vulnerabilities could have been responsibly disclosed and patched. This leak proves the inherent digital risk of stockpiling vulnerabilities rather than fixing them.

Cindy Cohn, Electronic Frontier Foundation’s executive director, an international non-profit digital rights group based in San Francisco, California, said the CIA had "failed to accurately assess the risk of not disclosing vulnerabilities. Even spy agencies like the CIA have a responsibility to protect the security and privacy of Americans".[56] “The freedom to have a private conversation – free from the worry that a hostile government, a rogue government agent or a competitor or a criminal are listening – is central to a free society”. While not as strict as privacy laws in Europe, the Fourth amendment to the US constitution does guarantee the right to be free from unreasonable searches and seizures.[57]

See also

2

References

  1. ^ a b c d e f g h i j k l Shane, Scott; Mazzetti, Mark; Rosenberg, Matthew (7 March 2017). "WikiLeaks Releases Trove of Alleged C.I.A. Hacking Documents". The New York Times. Retrieved 7 March 2017.
  2. ^ Dwilson, Stephanie Dube (7 February 2017). "What Is Vault 7 on WikiLeaks?". Heavy. Retrieved 12 March 2017.
  3. ^ a b c Poulsen, Kevin (8 March 2017). "Russia Turns WikiLeaks CIA Dump Into Disinformation". The Daily Beast. Retrieved 12 March 2017.
  4. ^ "CIA espionage orders for the 2012 French presidential election". WikiLeaks. 16 February 2017. Retrieved 12 March 2017.
  5. ^ Reuters: U.S intel, law enforcement officials aware of CIA breach since late last year, 8 March 2017
  6. ^ a b "WikiLeaks claims to release thousands of CIA documents". CBS News. Associated Press. 7 March 2017. Retrieved 7 March 2017. {{cite news}}: Cite has empty unknown parameter: |dead-url= (help)
  7. ^ a b "WikiLeaks publishes massive trove of CIA spying files in 'Vault 7' release". The Independent. 7 March 2017. Retrieved 7 March 2017.
  8. ^ "Vault7 - Home". WikiLeaks. "Redactions" section. Retrieved 10 March 2017.
  9. ^ Berke, Jeremy (8 March 2017). "CIA: Americans 'should be deeply troubled' by WikiLeaks' disclosure". Business Insider. Retrieved 10 March 2017.
  10. ^ a b c "Wikileaks Vault 7 March 9th Press Conference [Full Transcript] — Steemit". 10 March 2017.
  11. ^ Schwartz, Ian (16 March 2017). "Carlson To Trump: Why Not Gather Evidence, Confront Intelligence Agencies If You Were Wiretapped?". RealClearPolitics. Retrieved 16 March 2017.
  12. ^ Ross, Brian; Gordon Meek, James; Kreider, Randy; Kreutz, Liz (8 March 2017). "WikiLeaks docs allege CIA can hack smartphones, expose Frankfurt listening post". ABC News.
  13. ^ a b c d e Cody Derespina (7 March 2017). "WikiLeaks releases 'entire hacking capacity of the CIA'". Fox News. Retrieved 7 March 2017.
  14. ^ Carlson, Tucker (15 March 2017). "Trump: 'Wiretap covers a lot of different things'". Fox News. p. (Video). Retrieved 16 March 2017.
  15. ^ Beavers, Olivia (16 March 2017). "Dem lawmaker: Trump might've leaked classified information". The Hill. Retrieved 16 March 2017.
  16. ^ Nicholas Weaver: The CIA’s No Good, Very Bad, Totally Awful Tuesday, Lawfare, 7 March 2017
  17. ^ "Vault7 - Home". wikileaks.org. Retrieved 13 March 2017.
  18. ^ Satter, Raphael (7 March 2017). "WikiLeaks publishes CIA trove alleging wide scale hacking". Boston.com. Retrieved 7 March 2017.
  19. ^ Goetz, John; Obermaier, Frederik (7 March 2017). "Frankfurter US-Konsulat soll Spionagezentrale sein" [Frankfurt's US Consulate appears to be an espionage center]. Süddeutsche Zeitung (in German).
  20. ^ http://www.waz.de/politik/internet-methoden-der-cia-enthuellt-id209874865.html
  21. ^ German Foreign Minister Gabriel fears new arms race with Russia, Deutsche Welle, 9 March 2017
  22. ^ a b Zetter, Kim. "WikiLeaks Files Show the CIA Repurposing Hacking Code To Save Time, Not To Frame Russia". The Intercept. Retrieved 9 March 2017.
  23. ^ "CIA false flag team repurposed Shamoon data wiper, other malware". PCWorld. Retrieved 12 March 2017.
  24. ^ Cimpanu, Catalin. "Vault 7: CIA Borrowed Code from Public Malware". Bleeping Computer. Retrieved 8 March 2017.
  25. ^ a b Tani, Maxwell (9 March 2017). "Conservative media figures are embracing a wild WikiLeaks conspiracy theory that the CIA hacked the DNC, and then framed Russia". Business Insider. Retrieved 12 March 2017.
  26. ^ Blake, Aaron. "Analysis - The dangerous and irresistible GOP conspiracy theory that explains away Trump's Russia problem". The Washington Post. Retrieved 12 March 2017.
  27. ^ Buchanan, Ben (9 March 2017). "WikiLeaks doesn't raise doubts about who hacked the DNC. We still know it was Russia". The Washington Post. Retrieved 12 March 2017.
  28. ^ "HarpyEagle". wikileaks.org. Retrieved 19 March 2017.
  29. ^ "Facedancer21 UserGuide (Linux)". wikileaks.org. Retrieved 19 March 2017.
  30. ^ "HammerDrill v2.0". wikileaks.org. Retrieved 19 March 2017.
  31. ^ "Bee Sting - Proxy with iFrame injection". wikileaks.org. Retrieved 20 March 2017.
  32. ^ "Flash Bang v1.1 (Current Version)". wikileaks.org. Retrieved 20 March 2017.
  33. ^ "DerStarke". wikileaks.org. Retrieved 19 March 2017.
  34. ^ "YarnBall". wikileaks.org. Retrieved 19 March 2017.
  35. ^ "JQJSTEPCHILD - Op2". wikileaks.org. Retrieved 19 March 2017.
  36. ^ "MikroTik Hotspot / Paywall Analysis". wikileaks.org. Retrieved 19 March 2017.
  37. ^ "Redirect non-paying customer to specific page via hotspot - MikroTik RouterOS". forum.mikrotik.com. Retrieved 19 March 2017.
  38. ^ "DUT2 - RB450G - General Info". wikileaks.org. Retrieved 19 March 2017.
  39. ^ a b c Barrett, Brian (7 March 2017). "The CIA Can't Crack Signal and WhatsApp Encryption, No Matter What You've Heard". Wired. Retrieved 8 March 2017.
  40. ^ McCormick, Rich (8 March 2017). "Apple says it's already patched 'many' iOS vulnerabilities identified in WikiLeaks' CIA dump". The Verge. Retrieved 8 March 2017.
  41. ^ Glaser, April (7 March 2017). "WikiLeaks Reveals The CIA Hacked Into Apple IPhones". ReCode. Retrieved 17 March 2017.
  42. ^ "ExitBootServices Hooking". WikiLeaks.
  43. ^ a b "WikiLeaks 'Vault 7' dump reignites conspiracy theories surrounding death of Michael Hastings". The New Zealand Herald. 8 March 2017. Retrieved 8 March 2017.
  44. ^ Prince, S. J. (7 March 2017). "WikiLeaks Vault 7 Conspiracy: Michael Hastings Assassinated by CIA Remote Car Hack?". Heavy.com. Retrieved 8 March 2017.
  45. ^ "How Hackers Can Take Control Over Your Car | EE Times". EETimes. Retrieved 20 March 2017.
  46. ^ "2014-10-23 Branch Direction Meeting notes". wikileaks.org. Retrieved 20 March 2017.
  47. ^ "9/11, 7/7 & the War on Freedom :: View topic - McChrystal journalist Michael Hastings dies in 'car crash'". www.911forum.org.uk. Retrieved 20 March 2017.
  48. ^ "Notepad++ Fix CIA Hacking Issue". notepad-plus-plus.org. Retrieved 10 March 2017.
  49. ^ "Elevated COM Object UAC Bypass (WIN 7)".
  50. ^ Mathews, Lee. "WikiLeaks Vault 7 CIA Dump Offers Nothing But Old News". Forbes. Retrieved 9 March 2017.
  51. ^ Hern, Alex (8 March 2017). "'Am I at risk of being hacked?' What you need to know about the 'Vault 7' documents". The Guardian. Retrieved 11 March 2017.
  52. ^ Hern, Alex (8 March 2017). "Apple to 'rapidly address' any security holes as companies respond to CIA leak". The Guardian. Retrieved 11 March 2017.
  53. ^ Domonoske, Camila; Myre, Greg. "The CIA Document Dump Isn't Exactly Snowden 2.0. Here's Why". NPR. Retrieved 15 March 2017.
  54. ^ "Edward Snowden on Twitter". Twitter. Retrieved 8 March 2017.
  55. ^ "Alleged CIA documents show urgent need to limit government hacking – Access Now". Access Now. 7 March 2017. Retrieved 8 March 2017.
  56. ^ After CIA leaks, tech giants scramble to patch security flaws, 9 March 2017
  57. ^ Olivia Solon: With the latest WikiLeaks revelations about the CIA – is privacy really dead?, The Guardian, 8 March 2017
Retrieved from "https://en.wikipedia.org/w/index.php?title=Vault_7&oldid=771179493"