WikiLeaks has released yet another batch of CIA documents in their latest “Vault 7” dump. The “Marble Framework” reveals how the CIA could potentially mask their hacks with Russian, Chinese, Arabic, and other languages. The framework showcases the CIA’s ability to mask malware and hacks in other language formats. With talks of Russian hacking the U.S. presidential election (and Russian specifically mentioned in the Marble Framework), the WikiLeaks Vault 7 release is sure to complicate matters regarding what evidence may be necessary to prove Russian interference.
The latest batch of documents from WikiLeaks involves a CIA project called “Marble Framework.” The framework was detailed by WikiLeaks as part of the CIA’s anti-forensics approach to malware. According to the documents, Marble Framework gave the CIA the ability to mask their hacks to appear as though they were created in another language. The framework details specifically the use of Chinese, Russian, Korean, Arabic, and Farsi (a western Iranian language) by the program.
However, the framework didn’t just allow the CIA-initiated malware to be coded in a different language, but it also used a “double-game” approach. This was a process in which a hack was performed in another language such as Chinese and then the Marble Framework would make it show signs of attempting to hide the Chinese in a bid to complicate the matter further. Therefore, not only would Chinese be used when it was actually an American English program, but it would also then attempt to cover up the fact that Chinese was used in a bid to make it appear even more likely that the Chinese were the culprit.
“This would permit a forensic attribution double game, for example by pretending that the spoken language of the malware creator was not American English, but Chinese, but then showing attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion, — but there are other possibilities, such as hiding fake error messages.”
The Marble Framework release is the third in the “Vault 7” series that WikiLeaks is touting as the “largest ever publication of confidential CIA documents.” The first leak was titled “Year Zero” and was comprised of 8,761 documents. The report detailed how the CIA malware could target iPhone, Android, and even smart TVs. The most damning part of the report revealed how the CIA “hoarded” vulnerabilities in a bid to exploit them for their own gain instead of informing tech companies so that American users could be protected.
Following the “Year Zero” release, WikiLeaks dumped a Vault 7 series titled “Dark Matter.” These documents explained the techniques used by CIA to gain “persistence” on Apple Mac devices, including Macs and iPhones, and demonstrate their use of EFI/UEFI and firmware malware. The Marble Framework is simply an extension of the previous releases.
It is currently unclear as to how many more releases there will be in the Vault 7 data dump; however, Wikileaks founder Julian Assange has claimed that it will be the largest of its kind. With the release of the latest information, many are wondering how the FBI will be able to pinpoint Russia as having attempted to interfere with the American presidential election.
With it now public knowledge that the CIA is capable of making cyber attacks appear as though they originated in another country, will any amount of evidence be sufficient without an admission of guilt by Russia? Despite the issue, the FBI says they are still conducting an investigation into Russian “hacking” of the U.S. election and possible collusion by Trump administration members with Russian officials.
Though the CIA and its backers have long touted the need for the CIA to have these types of surveillance options to keep America safe, it was noted that only 10 percent of the U.S. cyber-spending budget goes to defense. The rest (90 percent) is used to attack people on the offense.
What do you think of the ongoing “Russian hacking” narrative and lack of media coverage on the WikiLeaks Vault 7 CIA dumps?
[Featured Image by Carl Court/AP Images]