WikiLeaks Vault 7

[T.Lex]

Description.
https://wikileaks.org/ciav7p1/

What's not in there.

[h=3]Redactions[/h] Names, email addresses and external IP addresses have been redacted in the released pages (70,875 redactions in total) until further analysis is complete.

1. Over-redaction: Some items may have been redacted that are not employees, contractors, targets or otherwise related to the agency, but are, for example, authors of documentation for otherwise public projects that are used by the agency.
2. Identity vs. person: the redacted names are replaced by user IDs (numbers) to allow readers to assign multiple pages to a single author. Given the redaction process used a single person may be represented by more than one assigned identifier but no identifier refers to more than one real person.
3. Archive attachments (zip, tar.gz, ...) are replaced with a PDF listing all the file names in the archive. As the archive content is assessed it may be made available; until then the archive is redacted.
4. Attachments with other binary content are replaced by a hex dump of the content to prevent accidental invocation of binaries that may have been infected with weaponized CIA malware. As the content is assessed it may be made available; until then the content is redacted.
5. The tens of thousands of routable IP addresses references (including more than 22 thousand within the United States) that correspond to possible targets, CIA covert listening post servers, intermediary and test systems, are redacted for further exclusive investigation.
6. Binary files of non-public origin are only available as dumps to prevent accidental invocation of CIA malware infected binaries.

The time slice of what's in there.

[h=3]What time period is covered?[/h] The years 2013 to 2016. The sort order of the pages within each level is determined by date (oldest first).
WikiLeaks has obtained the CIA's creation/last modification date for each page but these do not yet appear for technical reasons. Usually the date can be discerned or approximated from the content and the page order. If it is critical to know the exact time/date contact WikiLeaks.

[h=3]What is "Vault 7"[/h] "Vault 7" is a substantial collection of material about CIA activities obtained by WikiLeaks.

The time period makes me think they obtained access in 2016 - during the election - which then provided access to backups and archived portions back to 2013.

 

[ArcadiaGP]

Summary - CIA developed an arsenal of exploits for smartphones and other smart devices. Exploits enabled backdoor discrete access to microphones, geodata, and cameras. CIA lost control of it, and now it's in the wild.

CIA needs to contact the companies it has zero days, malware, and exploits for and inform them so they can mitigate the damage... but I don't see that happening. US intel agencies could probably use a massive re-organizing. This sort of ****-up is unacceptable.

 

[T.Lex]

Mother. Of. Pearl.

They f'n popped some of the portable apps that I use.

https://wikileaks.org/ciav7p1/cms/page_20251107.html

Kinda funny but the NotePad++ DLL page was written by a guy who couldn't actually get the hack to work.
https://wikileaks.org/ciav7p1/cms/page_26968090.html

Info on the ThunderBird portable hack.
https://wikileaks.org/ciav7p1/cms/page_27263015.html

CIA nerds have a sense of humor.
https://wikileaks.org/ciav7p1/cms/page_14587529.html

 

[T.Lex]

Not that this is particularly secret, but CIA geeks attend black hat events.

https://wikileaks.org/ciav7p1/cms/page_9535799.html

 

[T.Lex]

Oh, and GP, looks like they like reddit.

https://wikileaks.org/ciav7p1/cms/page_14587649.html

And find your favorite personal security program vuln here:
https://wikileaks.org/ciav7p1/cms/page_13762910.html

 

[hoosierdoc]

And find your favorite personal security program vuln here:
https://wikileaks.org/ciav7p1/cms/page_13762910.html

puts his supposed paranoia in context, huh


https://www.entrepreneur.com/video/272793

https://businessinsider.com/john-mcafee-nsa-back-door-gives-every-us-secret-to-enemies-2016-2

 

[T.Lex]

puts his supposed paranoia in context, huh


https://www.entrepreneur.com/video/272793

https://businessinsider.com/john-mcafee-nsa-back-door-gives-every-us-secret-to-enemies-2016-2

Sorta, but not.

This was the CIA. On some pages, they talked openly about keeping certain tools from other agencies, even the NSA. I know about alphabet-animosity and inter-service rivalry, but some of this is kinda petty.

They do talk about "customers" though, so some agencies may have come to them with specific requests for exploits. The FBI might've been among them.

Now, given that at least some of these tools were in the hands of non-gov't contractors, there is also the chance of freelance work.

 

[T.Lex]

I find this funny.
https://wikileaks.org/ciav7p1/cms/page_7995763.html

The CIA was using OpenOffice (and I assume LibreOffice) for documentation, but found it "not conducive."

Parts of this could've been taken from Dilbert or Office Space or some other darkly humorous tech/code house story.

 

[T.Lex]

puts his supposed paranoia in context, huh


https://www.entrepreneur.com/video/272793

https://businessinsider.com/john-mcafee-nsa-back-door-gives-every-us-secret-to-enemies-2016-2

So here's something more directly related to your point.
https://wikileaks.org/ciav7p1/cms/page_13205587.html

Lists of assets from other entities, including NSA, GCHQ (the Brits), and apparently purchased off the market for these products. I have to believe that they used bitcoin or something to anonymously buy these tools from real hackers, which basically meant they helped support them.

That'll be awkward.

 

[ATM]

...That'll be awkward.

The things government agents and agencies routinely do only become awkward when exposed, and then, only briefly.

Luckily for them, the American collective has largely become a docile, dismissive herd, easily distracted by the next trivial thing to splash their screens in an endless carnival of political/media distractions.

 

[ArcadiaGP]

The CIA has a list of "Japanese Style" ASCII faces to use on the internet.

My sides.

 

[ArcadiaGP]

Another summary someone made. Some sounds a bit exaggerated.

 

[T.Lex]

Yeah, from what I can tell, some of that is exaggerated. And, it isn't that the CIA turned every internet-enabled device into a microphone, but, if they knew with specificity which device to target, they could probably turn any of them into a listening device.

I'm discerning there's another layer out there involving deconfliction. It would be counter-productive to have 2 or more agencies targeting the same device. There were clearly links between US agencies and the Brits at some level. Without sounding too melodramatic, someone or some group of someones would have to figure out who to target.

 

[ArcadiaGP]

I'm guessing the response to this is going to be casual snark and lackluster.

An incredibly massive breach of privacy and trust... involving major household names and companies. Very few people will hear about it, and fewer people will care. "Oh we knew they were doing that." Doesn't make it right.

Feels pretty dirty.

Doubt the gov will care... just instills more fear into the people. Probably a win for them.

 

[BugI02]

The only completely secure electronic device is one that is not and has never been connected to the internet

And the how good is your security against B & E

Trump's fault. It's day 47, he should have taken care of this by now

 

[Expat]

I guess I will download and scan through them.

 

[T.Lex]

I guess I will download and scan through them.

Definitely. I'm not even really in this world, and it is a mix of scary, funny, and mundane.

 

[GodFearinGunTotin]

 

[Expat]

If anyone is concerned. I scanned the payload with two different AV programs and it got a clear bill of health.
Just in case I moved it to a VM and disconnected it from the internet, but didnt not see any attempts to call out.

Just skimmed through it. Interesting stuff if you are into that sort of thing.

I heard Rush say that Wikileaks is reporting that this is only a minute percentage of what they have received. They are still sorting through it.

 

[T.Lex]

Yeah - the tools don't seem to be part of the actual package, just the documentation.

Now... if you have a d/l for the tools, that'd be a hot ticket.