Nov 062017
 

Wikileaks released a secret agreement between Hillary Clinton and the DNC proving the Democrat primary was rigged

Clinton DNC Secret Agreement

The entire DNC primary process was rigged from the beginning.

This document, dated August 26, 2015, may be proof that Bernie knew the DNC was rigged for Hillary. Why didn’t he say something? Why did he continue to support her? Serious questions! Bernie donors should win that lawsuit and get every penny back they donated to the DNC. This is criminal.

Clinton-DNC secret agreement dated August 26, 2015:

Bernie Sanders Crying

Consider that most of the Mainstream Media was working with the DNC, it’s simply amazing that President Trump was able to overcome a rigged election. He overcame these obstacles with hard work, determination and balls.

 

 

 

 

Oct 282017
 

A John Podesta email includes an attachment of a letter sent by Senator Grassley to Loretta Lynch demanding an investigation into Uranium One. A.G. Lynch ignored and squashed the investigation

Loretta Lynch Implicated In Uranium One Obstruction Of Justice

A Wikileaks email, titled “Grassley letter” points to possible collusion between the Department Of Justice and the Clinton Campaign on Uranium One. A letter from Senator Chuck Grassley to Loretta Lynch questioning the Uranium One deal ended up in the hands of a Clinton Foundation Senior VP and ultimately in the hands of John Podesta and the Clinton campaign.

Grassley Letter

Grassley letter Attachment:




Senator Grassley needs a worthy nickname. We should start drafting our own legends around the patriots of this period just as the Founding Fathers did. I my opinion Senator Grassely will be one of the heros of our New American Revolution where we Drain the Swamp.

More Evidence: “It’s out there”

Another email, dated 4/29/2015, from Jennifer Palmieri to John Podesta, titled “It’s out there“, when news of Uranium One first hit the Internet.

Brian Fallon, Hillary’s press secretary, and Jennifer Palmieri, Hillary’s director of communications were the initial recipients of the message. Palmieri then forwarded it to Hillary’s campaign chairman John Podesta, adding, “Fyi.”

They knew!

 

 

 

 

 

 

WikiLeaks Vault 7: Projects

 Political  Comments Off on WikiLeaks Vault 7: Projects
Aug 312017
 

WikiLeaks Vault 7 is about a global hacking program being covertly run by the CIA

WikiLeaks Vault 7: Projects

Vault 7 is a series of documents that WikiLeaks began to publish on 7 March 2017, that detail activities and capabilities of the United States Central Intelligence Agency to perform electronic surveillance and cyber warfare on anyone it chooses. The files, dated from 2013–2016, include details on the agency’s software capabilities, such as the ability to compromise cars, smart TVs, web browsers (including Google Chrome, Microsoft Edge, Mozilla Firefox, and Opera Software ASA), and the operating systems of most smartphones (including Apple’s iOS and Google’s Android), as well as other operating systems such as Microsoft Windows, macOS, and Linux.

WikiLeaks Vault 7: Projects

 
 
 

Audio Recording Of Seymour Hersh Discussing DNC Leaks And Seth Rich Murder

 Political  Comments Off on Audio Recording Of Seymour Hersh Discussing DNC Leaks And Seth Rich Murder
Aug 022017
 

[Audio] Seymour Hersh confirms Seth Rich was the WikiLeaks source and there was NO HACK.

Audio Recording Of Seymour Hersh Discussing DNC Leaks And Seth Rich Murder

The fact that Wikileaks disseminated this gives it a lot more weight than Seymour Hersh saying what he said. Julian Assange distributing this speaks volumes.

Language Warning

 
 
via

WikiLeaks ICWatch: The Who’s Who Of The Deep State

 Political  Comments Off on WikiLeaks ICWatch: The Who’s Who Of The Deep State
Aug 022017
 

WikiLeaks’ “Intelligence Community Watch (ICWatch)” is a database/directory list of 409,820 individuals.

WikiLeaks ICWatch: The Who's Who Of The Deep State

From WikiLeaks:

ICWATCH is a project to collect and analyze resumes of people working in the intelligence community. People working for intelligence contractors, the military, and intelligence agencies frequently mention secret codewords and surveillance programs in public resumes. These resumes are useful for uncovering new surveillance programs, learning more about known codewords, identifying which companies help with which surveillance programs, examining trends in the intelligence community, and more. We have collected over 100,000 of these resumes from LinkedIn, Indeed, and other public sources and made them searchable with our search software, LookingGlass.

Links

Archive.
 
 
 

Hillary Clinton Requested FBI Director Mueller Deliver Highly Enriched Uranium To Russians In 2009

 Political  Comments Off on Hillary Clinton Requested FBI Director Mueller Deliver Highly Enriched Uranium To Russians In 2009
Jun 212017
 

Hillary Clinton requested that FBI Dir. Mueller deliver highly enriched uranium to the Russians in 2009 in secret ‘plane-side tarmac meeting’

Hillary Clinton Requested FBI Director Mueller Deliver Highly Enriched Uranium To Russians In 2009

New Clinton-Mueller Russian uranium ties surface in a new Wikileaks release. Past dealings with the Russians were also mentioned in the cable.

As Secretary of State Hillary Clinton facilitated the transfer a highly enriched uranium (HEU) previously confiscated by the U.S. Department of Energy (DOE) during a 2006 “nuclear smuggling sting operation involving one Russian national and several Georgian accomplices,” a newly leaked classified cable shows.

So-called “background” information was provided in the cable which gave vague details on a 2006 nuclear smuggling sting operation in which the U.S. government took possession of some HEU previously owned by the Russians.

The secret “action request,” dated Aug. 17, 2009, was sent out by Secretary of State Clinton and was addressed to the United States Ambassador to Georgia Embassy Tbilisi, the Russian Embassy, and Ambassador John Beyrle. It proposed that FBI Director Robert Mueller be the one that personally conduct the transfer a 10-gram sample of HEU to Russian law enforcement sources during a secret “plane-side” meeting on a “tarmac” in the early fall of 2009.

The FBI Director was originally scheduled to ‘return’ a sample from the DOE stockpile to the Russians in April but the trip was postponed until September 21.

Paragraph number 6 of the leaked cable confirms Dir. Mueller’s Sept. 21 flight to Moscow.

FBI Director Mueller Deliver Highly Enriched Uranium To Russians

“(S/Rel Russia) Action request: Embassy Moscow is requested to alert at the highest appropriate level the Russian Federation that FBI Director Mueller plans to deliver the HEU sample once he arrives to Moscow on September 21. Post is requested to convey information in paragraph 5 with regard to chain of custody, and to request details on Russian Federation’s plan for picking up the material. Embassy is also requested to reconfirm the April 16 understanding from the FSB verbally that we will have no problem with the Russian Ministry of Aviation concerning Mueller’s September 21 flight clearance.”

But possible even more shocking is the fact that the State Department wanted the transfer of the HEU to take place on an “airport tarmac” which is rather reminisce of the infamous Loretta Lynch/Bill Clinton meeting which occurred on a Phoenix, Arizona, tarmac back in June of 2016.

Past dealings with the Russians were also mentioned in the cable, signifying that previous deals have taken place.

 
 
via

Smoking Gun: Hillary’s Intent Found

 Political  Comments Off on Smoking Gun: Hillary’s Intent Found
May 302017
 

If there was ever a smoking gun to be produced by WikiLeaks, this is it!

Smoking Gun: Hillary's Intent Found

Specifically, James Comey originally used the argument that the evidence found against Hillary was lacking an “intent” element, meaning they didn’t find she intended to break the law. Well, the WikiLeaks release of John Podesta’s emails contain all the “intent” we need.

HERE’S HOW IT BREAKS DOWN…

Zero Hedge put the pieces together by pointing out the following:
On March 2, 2015 The New York Times reported that Hillary Clinton used a personal email server as Secretary of State.

Later on March 2, 2015 Hillary Clinton’s top aide and attorney wrote John Podesta that “we are going to have to dump all those emails.”

HERE’S THE PROOF…

You can clearly see the email from John Podesta below to Cheryl Mills saying,“On another matter….and not to sound like Lanny, but we are going to have to dump all those emails so better to do so sooner than later”

Hillary's Intent Found

So there you have it folks! Comey’s ‘intent’ element has just been produced.

Zero hedge also points out that, “a search for Lanny Davis reveals the following curious exchange between Robby Mook and John Podesta from March 8, 2015, just days after the above mentioned exchange, in which Mook says:”

“We gotta zap Lanny out of our universe. Can’t believe he committed her to a private review of her hard drive on TV.”

Clearly, the Clinton camp had been hiding and destroying evidence the entire time and they have incriminated themselves for all of America to see.

The story of how Hillary’s “personal” emails came to be deleted using, the now infamous, BleachBit is quite the tale.  Below is an attempt to piece together how the story unfolded per the FBI disclosures.

Here is a quick summary of the timeline of events:

  • February 2013 – Hillary resigns from State Department
  • Spring 2013 – Hillary aide Monica Hanley backs up Pagliano Server to Apple MacBook and a thumb drive
  • February 2014 – Monica Hanley attempts to upload Hillary email archives to new Platte River Networks (PRN) server but encounters technical issues
  • Early 2014 – Monica Hanley mails Apple MacBook to Undisclosed PRN Staff Member to upload Hillary email archives to new PRN server.  Undisclosed PRN Staff Member then uploads Hillary’s emails to a gmail account and then transfers them over to the new PRN server.  The Undisclosed PRN Staff Member deletes most of the emails from gmail but indvertently leaves 940.
  • Early 2014Monica Hanley advises Undisclosed PRN Staff Member to wipe the Apple MacBook clean after uploading Hillary’s emails to the new PRN server but he forgets to do it
  • Early 2014 – Undisclosed PRN Staff Member mails Apple MacBook back to Clinton and it is promptly lost
  • December 2014 – Hillary delivers 55,000 emails to State Department
  • December 2014 / January 2015Heather Samuelson and Cheryl Mills request emails be deleted from their computer using BleachBit
  • December 2014 / January 2015“Unknown Clinton staff member” instructs PRN to remove archives of Clinton emails from PRN server
  • March 2, 2015 – NYT releases an article showing that Hillary used a personal email server in violation of State Department rules
  • March 4, 2015Hillary receives subpoena from House Select Committee on Benghazi instructing her to preserve and deliver all emails from her personal servers
  • March 25, 2015 – Undisclosed PRN Staff Member has a conference call with “President Clinton’s Staff”
  • March 25 – 31, 2015 – Undisclosed PRN Staff Member has “oh shit” moment and realizes he forgot to wipe Hillary’s email archive from the PRN server back in Decemberwhich he promptly does using BleachBit despite later admitting he “was aware of the existence of the preservation request and the fact that it meant he should not disturb Clinton’s e-mail data on the PRN server.”
  • June 2016 – FBI discovers that Undisclosed PRN Staff Member forgot to erase 940 emails from the gmail account he created to help with the PRN server upload

 

 
 
via

Shoot The Panda

 Political  Comments Off on Shoot The Panda
May 252017
 

Shoot the panda – 5 months before the Seth Rich murder!

An article from Vanity Fair January 24, 2016 titled Hillary Clinton Cannot Be Stopped contains an eerie reference to “Shoot the Panda”.

There is more evidence in this article that Hillary Clinton and the DNC murdered Seth Rich than there is that Trump colluded with Russia.

Where is the Special Prosecutor looking into this?

I’m just sayin’.

Panda was Seth Rich’s nickname.

Seth Rich Panda

 
 

HRC Camp Plotted To Smear Trump For A Putin “Bromance” Way Back In 2015

 Political  Comments Off on HRC Camp Plotted To Smear Trump For A Putin “Bromance” Way Back In 2015
May 172017
 

Is this the SMOKING GUN in the Trump Russia Fake News narrative?

HRC Camp Plotted To Smear Trump For A Putin Bromance Way Back In 2015

A Wikileaks email shows that Hillary Clinton’s campaign team was advised to link Russian President Vladimir Putin with Donald Trump in an apparent bid to distract voters from her strategy on ISIS.

The exchange of emails between Clinton campaign chair John Podesta and Clinton ally and columnist Brent Budowsky was among the batch of around 1,000 emails from Podesta’s account released by WikiLeaks on October 22, 2016.

In a December 21, 2015 email, Budowsky criticizes Clinton’s position on fighting ISIS before advising Podesta to draw Putin into her attacks on Donald Trump.

Wikileaks Email ID 25621 Brent Budowsky advises Podesta – to smear Trump with a Putin “Bromance”:

Russia Setup

Budowsky’s email follows a discussion with Podesta on how to best position the former secretary of state on the issue of tackling ISIS.

Budowsky warns that Clinton is not coming down strongly enough on fighting ISIS and that her support for Obama’s approach is a potential “death ray to her candidacy in a general election.”

“Walk back and escape from her statement that ‘finally we are where we need to be’ against ISIS. We are not where we need to be, we are far from it, most voters do not believe it, and when the next terror attack comes in America – which it certainly will – she will be branded in hot iron with that statement,” Budowski warns.

“She will never state what I believe we need to do – at least 20,000 ground troops with 3,000 American and at least 10,000 from Sunni Muslim nations – because she is consumed with keeping Obama’s goodwill and afraid of liberal backlash.”

Podesta counters: “Her reference was not to ISIS but to going after Assad diplomatically because of UNSC resolution passed Friday. We will make that clear. She has given two major speeches about how we are NOT where we need to be on ISIS.”

“That’s good, sooner it’s clarified the better, and the stronger the better,” Budowski replies, later adding: “Best approach is to slaughter Donald for his bromance with Putin, but not go too far betting on Putin re Syria.”

 
 

DNC Staffer Seth Rich Leaked 44K Emails to WikiLeaks Before His Murder

 Political  Comments Off on DNC Staffer Seth Rich Leaked 44K Emails to WikiLeaks Before His Murder
May 172017
 

Murdered DNC staffer Seth Rich believed to have leaked DNC emails to Wikileaks

DNC Staffer Seth Rich Leaked 44K Emails to WikiLeaks Before His Murder

New information has surfaced regarding the murder of Seth Rich, the Democratic National Committee staffer who was mysteriously killed last July in what Washington D.C. police claimed was a botched robbery despite no evidence to back the claim. After almost a year of conspiracy theories linking the staffer’s death to the DNC, private investigator Rod Wheeler has come forward with information indicating that those theories may not be too far off.

The former D.C. detective, hired by Rich’s family, indicated to local Fox affiliate Fox 5 that “there is tangible evidence on Rich’s laptop that confirms he was communicating with WikiLeaks prior to his death.” Wheeler believes the murder is being covered up and said a source inside the department told him D.C. police have been told not to investigate the case.

According to Wheeler:

The police department nor the FBI have been forthcoming. They haven’t been cooperating at all. I believe that the answer to solving his death lies on that computer, which I believe is either at the police department or either at the FBI. I have been told both.”

“I have a source inside the police department that has looked at me straight in the eye and said, ‘Rod, we were told to stand down on this case and I can’t share any information with you.’ Now, that is highly unusual for a murder investigation, especially from a police department. Again, I don’t think it comes from the chief’s office, but I do believe there is a correlation between the mayor’s office and the DNC and that is the information that will come out [Tuesday].”

Asked if his sources have told him that information exists linking Rich to Wikileaks, he said, “Absolutely. Yeah. That’s confirmed.”

Wikileaks founder Julian Assange gave no comment on the allegations but has not denied working with Rich and retweeted the breaking story shortly after it broke Monday evening. Wikileaks has offered a reward of $20,000 for information leading to the conviction of the murderer, and Assange previously implied Rich was involved in the leaks.

A spokesman for Rich’s family, Brad Bauman, stated Tuesday that the family had not authorized Wheeler to speak on their behalf and wanted to keep the focus on finding Seth’s murderers.

“Even if tomorrow, an email was found, it is not a high enough bar of evidence to prove any interactions as emails can be altered and we’ve seen that those interested in pushing conspiracies will stop at nothing to do so. We are a family who is committed to facts, not fake evidence that surfaces every few months to fill the void and distract law enforcement and the general public from finding Seth’s murderers,” said Bauman.

Regardless, Fox News released a separate, full report on Tuesday with new details on the investigation Tuesday morning, dropping the bombshell that a federal investigator has corroborated Wheeler’s claims. The outlet reported that “an FBI forensic report of Rich’s computer — generated within 96 hours after Rich’s murder — showed he made contact with WikiLeaks through Gavin MacFadyen, a now-deceased American investigative reporter, documentary filmmaker, and director of WikiLeaks who was living in London at the time, the federal source told Fox News.”

According to the report, “44,053 emails and 17,761 attachments between Democratic National Committee leaders, spanning from January 2015 through late May 2016, were transferred from Rich to MacFadyen before May 21.”

D.C. police insisted they’re working with the family to find the killers, offering a reward of $25,000 for information leading to the arrest and conviction of those responsible, while a separate reward of $130,000 has been offered by Republican lobbyist Jack Burman.

According to the anonymous federal investigator, he has “seen and read the emails between Seth Rich and WikiLeaks” and says the FBI is in possession of the damning evidence. It is important to note that the mainstream media, including the Washington Post, has been widely criticized for citing anonymous sources in its reporting on Russian election hacking claims.

Regardless, the FBI has not yet commented on the allegations.

Clinton Body Count

 
 
Source…

The CIA Implanted Microphones Into The Skin Of CATS

 Political  Comments Off on The CIA Implanted Microphones Into The Skin Of CATS
May 012017
 

The CIA tried to turn a CAT into a cyborg spy by implanting it with a microphone and antenna

The CIA Implanted Microphones Into The Skin Of CATS

The CIA once implanted microphones into a cat in a bizarre attempt to spy on Soviet Russia.

The cat had a microphone, antenna and battery pack surgically embedded into its skin so the feline could act as a covert recording device.

Recently declassified documents show how the scientists responsible for the cruel research were praised by spy chiefs for their ‘pioneering’ work.

Acoustic Kitty

The CIA once implanted microphones into a cat in a bizarre attempt to spy on Soviet Russia. Declassified documents reveal that the work was praised by CIA chiefs as a ‘remarkable scientific achievement’

The strange eavesdropping technique, though never used in the field, resurfaced this week when WikiLeaks tweeted a link to declassified CIA memos, first released in 2001.

The research was dubbed ‘Project Acoustic Kitty’ and cost $13 million (£10 million) over its five-year development in the 1960s.

The cat’s tail was used as an antenna with a wire travelling all the way up its spine to a microphone in the animal’s ear.

The equipment’s battery pack was sewn into the cat’s chest.

Victor Marchetti, a former CIA officer, told The Telegraph that year of the gruesome creation.

He said: ‘They slit the cat open, put batteries in him, wired him up’.

‘They made a monstrosity. They tested him and tested him.

‘They found he would walk off the job when he got hungry, so they put another wire in to override that,’ he added.

The final 1967 report on the project concluded it was non-practical, signalling the end of the research.

But the memo hailed the ‘remarkable scientific achievement’ reached by the American spy agency.

‘The work done on this problem over the years reflects great credit on the personnel who guided it,’ the document concluded.


The cats had microphones, antennae and battery packs surgically embedded into their skin so the felines could act as covert recording devices.

 
 
via

Fact-Sheet On Syria’s White Helmets

 Political  Comments Off on Fact-Sheet On Syria’s White Helmets
Apr 132017
 

Who are the White Helmets? This is a question that everyone should be asking themselves.

Fact-Sheet On Syria’s White Helmets

The White Helmets – here are a few facts that you need to know. Share this with your family and friends who rely on the Western Mainstream Media:

 
• The White Helmets, also called Syria Civil Defence, are not who they claim to be. The group is not Syrian; it was created with USA/UK funding under the supervision of a British military contractor in 2013 in Turkey.

• The name “Syria Civil Defence” was stolen from the legitimate Syrian organization of the same name. The authentic Syria Civil Defence was founded in 1953 and is a founding member of the International Civil Defense Organization (1958).

• The name “White Helmets” was inappropriately taken from the legitimate Argentinian relief organization Cascos Blancos / White Helmets. In 2014, Cascos Blancos / White Helmets was honored at the United Nations for 20 years of international humanitarian assistance.

• The NATO White Helmets are primarily a media campaign to support the ‘regime change’ goals of the USA and allies. After being founded by security contractor James LeMesurier, the group was “branded” as the White Helmets in 2014 by a marketing company called “The Syria Campaign” managed out of New York by non-Syrians such as Anna Nolan. “The Syria Campaign” was itself “incubated” by another marketing company named “Purpose”.

• The White Helmets claim to be “neutral, impartial and humanitarian” and to “serve all the people of Syria” is untrue. In reality, they only work in areas controlled by the violent opposition, primarily terrorists associated with Nusra/AlQaeda (recently renamed Jabhat Fath al Sham).

• The White Helmets claim to be unarmed is untrue. There are photos which show their members carrying arms and celebrating Nusra/AlQaeda military victories.

• The White Helmets claim to be apolitical and non-aligned is untrue. In reality they actively promote and lobby for US/NATO intervention in violation of the norms of authentic humanitarian work.

• The Right Livelihood description that “Syria Civil Defence” saved over 60,000 people and “support in the provision of medical services to nearly 7 million people” is untrue. In reality the zones controlled by terrorists in Syria have few civilians remaining. That is why we see “cat” video/media stunts featuring the White Helmets.

• The NATO White Helmets actually undermine and detract from the work of authentic organizations such as the REAL Syria Civil Defence and Syrian Arab Red Crescent.

• The recent Netflix movie about the White Helmets is not a documentary; it is a self promotional advertisement. The directors never set foot in Syria. The Syrian video, real or staged, was provided by the White Helmets themselves. From the beginning scenes showing a White Helmet actor telling his little boy not to give mommy a hard time until the end, the video is contrived and manipulative. The video was produced by a commercial marketing company Violet Films/Ultra Violet Consulting which advertises its services as “social media management”, “crowd building” and “campaign implementation”.

The true face of the White Helmets:


 

The REAL Syria Civil Defence

http://www.globalresearch.ca/the-real-syria-civil-defence-exposes-natos-white-helmets-as-terrorist-linked-imposters/5547528

Who are the Syria White Helmets?

http://21stcenturywire.com/2016/06/21/who-are-the-syria-white-helmets/

White Helmets Deceive Right Livelihood and CodePink

http://truepublica.org.uk/global/white-helmets-deceive-right-livelihood-codepink/

White Helmets cat video showing terrorist zone with no civilians.  “The homeowners abandoned this district and its kittens.”  How fake does it get?

https://www.youtube.com/watch?v=UkfcE-Drnas

White Helmets are caught staging rescue only to claim they were making a mannequin challenge video.

http://archive.is/5D2Ew

 


 

 
via

Wikileaks: CIA Malware For Windows “Grasshopper”

 Political  Comments Off on Wikileaks: CIA Malware For Windows “Grasshopper”
Apr 072017
 

RELEASE: CIA malware for Windows “Grasshopper” — which includes its own language

Wikileaks: CIA Malware For Windows "Grasshopper"

Grasshopper basically allows the Deep State to do anything it wants remotely to a Windows machine. It doesn’t seem to matter if it is Windows XP, Windows 7, Windows 8, or Windows Server versions 2003 or 2008. Almost all the attacks and hijacks bypassed the major intrusion detection systems (MS Security, Symantec, Kapersky, and Rising). No matter how locked down or safe you thought your Windows install was, you were wrong.

Oh even better. It looks like these were designed specifically to avoid the major security programs.

From Wikileaks:

Grasshopper

7 April, 2017

Today, April 7th 2017, WikiLeaks releases Vault 7 “Grasshopper” — 27 documents from the CIA’s Grasshopper framework, a platform used to build customized malware payloads for Microsoft Windows operating systems.

Grasshopper is provided with a variety of modules that can be used by a CIA operator as blocks to construct a customized implant that will behave differently, for example maintaining persistence on the computer differently, depending on what particular features or capabilities are selected in the process of building the bundle. Additionally, Grasshopper provides a very flexible language to define rules that are used to “perform a pre-installation survey of the target device, assuring that the payload will only [be] installed if the target has the right configuration”. Through this grammar CIA operators are able to build from very simple to very complex logic used to determine, for example, if the target device is running a specific version of Microsoft Windows, or if a particular Antivirus product is running or not.

Grasshopper allows tools to be installed using a variety of persistence mechanisms and modified using a variety of extensions (like encryption). The requirement list of the Automated Implant Branch (AIB) for Grasshopper puts special attention on PSP avoidance, so that any Personal Security Products like ‘MS Security Essentials’, ‘Rising’, ‘Symantec Endpoint’ or ‘Kaspersky IS’ on target machines do not detect Grasshopper elements.

One of the persistence mechanisms used by the CIA here is ‘Stolen Goods’ – whose “components were taken from malware known as Carberp, a suspected Russian organized crime rootkit.” confirming the recycling of malware found on the Internet by the CIA. “The source of Carberp was published online, and has allowed AED/RDB to easily steal components as needed from the malware.”. While the CIA claims that “[most] of Carberp was not used in Stolen Goods” they do acknowledge that “[the] persistence method, and parts of the installer, were taken and modified to fit our needs”, providing a further example of reuse of portions of publicly available malware by the CIA, as observed in their analysis of leaked material from the italian company “HackingTeam”.

The documents WikiLeaks publishes today provide an insights into the process of building modern espionage tools and insights into how the CIA maintains persistence over infected Microsoft Windows computers, providing directions for those seeking to defend their systems to identify any existing compromise.

Leaked Documents

Grasshopper-v2_0_2-UserGuide
Grasshopper-v1_1-AdminGuide
StolenGoods-2_1-UserGuide
GH-Run-v1_1-UserGuide
GH-ServiceProxy-v1_1-UserGuide

 

“Grasshopper” re-installs itself every 22 hours by corrupting Windows Update… even if is disabled.


 

 

CIA Vault 7 Part 3 “Marble” Allows CIA To Cover Their Tracks!

 Political  Comments Off on CIA Vault 7 Part 3 “Marble” Allows CIA To Cover Their Tracks!
Mar 312017
 

Vault 7 Part 3: WikiLeaks releases the CIA ‘Marble’ dump

CIA Vault 7 Part 3 "Marble" Allows CIA To Cover Their Tracks
WikiLeaks has released the latest batch of documents detailing CIA hacking tactics. The third release, named ‘Marble’, contains 676 source code files for the agency’s secret anti-forensics framework.Marble Framework, which WikiLeaks explains is part of the CIA’s Core Library of malware, is used to hamper forensic investigators from attributing viruses, trojans and hacking attacks to the CIA. WikiLeaks said Marble was in use at the agency as recently as 2016.

WikiLeaks said Marble hides fragments of texts that would allow for the author of the malware to be identified. WikiLeaks stated the technique is the digital equivalent of a specialized CIA tool which disguises English language text on US produced weapons systems before they are provided to insurgents.

It’s “designed to allow for flexible and easy-to-use obfuscation” as “string obfuscation algorithms” often link malware to a specific developer, according to the whistleblowing site.

The source code released reveals Marble contains test examples in Chinese, Russian, Korean, Arabic and Farsi.

“This would permit a forensic attribution double game, for example by pretending that the spoken language of the malware creator was not American English, but Chinese, but then showing attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion,” WikiLeaks explains, “But there are other possibilities, such as hiding fake error messages.”

From Wikileaks:

Marble Framework

31 March, 2017

Today, March 31st 2017, WikiLeaks releases Vault 7 “Marble” — 676 source code files for the CIA’s secret anti-forensic Marble Framework. Marble is used to hamper forensic investigators and anti-virus companies from attributing viruses, trojans and hacking attacks to the CIA.

Marble does this by hiding (“obfuscating”) text fragments used in CIA malware from visual inspection. This is the digital equivallent of a specalized CIA tool to place covers over the english language text on U.S. produced weapons systems before giving them to insurgents secretly backed by the CIA.

Marble forms part of the CIA’s anti-forensics approach and the CIA’s Core Library of malware code. It is “[D]esigned to allow for flexible and easy-to-use obfuscation” as “string obfuscation algorithms (especially those that are unique) are often used to link malware to a specific developer or development shop.

The Marble source code also includes a deobfuscator to reverse CIA text obfuscation. Combined with the revealed obfuscation techniques, a pattern or signature emerges which can assist forensic investigators attribute previous hacking attacks and viruses to the CIA. Marble was in use at the CIA during 2016. It reached 1.0 in 2015.

The source code shows that Marble has test examples not just in English but also in Chinese, Russian, Korean, Arabic and Farsi. This would permit a forensic attribution double game, for example by pretending that the spoken language of the malware creator was not American English, but Chinese, but then showing attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion, — but there are other possibilities, such as hiding fake error messages.

The Marble Framework is used for obfuscation only and does not contain any vulnerabilties or exploits by itself.

 
via