WikiLeaks has released a new series of leaks, called Vault 8, that contains source code and analysis for software designed to run on servers controlled by the CIA.
WikiLeaks said there are no 0-day or similar security vulnerabilities which could be exploited by others.
An excerpt from the Vault 8 series includes details on Hive, a major component of the CIA infrastructure to control its malware:
“Hive solves a critical problem for the malware operators at the CIA. Even the most sophisticated malware implant on a target computer is useless if there is no way for it to communicate with its operators in a secure manner that does not draw attention. Using Hive even if an implant is discovered on a target computer, attributing it to the CIA is difficult by just looking at the communication of the malware with other servers on the internet. Hive provides a covert communications platform for a whole range of CIA malware to send exfiltrated information to CIA servers and to receive new instructions from operators at the CIA.”
The CIA also wrote source code and fake Kasperky Labs certificates used to authenticate malicious implants developed by the CIA. The Vault 8 release follows the Vault 7 series released back in March 2017, that included CIA Hacking tools.