The WikiLeaks revealed a CIA tool that translates the malware used by the secret service into the language of the enemy.
WikiLeaks has released the third installment of CIA documents on Friday, which focuses on the anti-forensics tools available to the agency.
The two previous releases of Vault7 have been focused on Coca-Cola Hacking manuals and hacking tools. The first group of leaked files was released on March 7, and reports on exploits used to bypass security and encryption on Android devices, Apple iPhones, Samsung TVs, PCs with Windows or Mac, and other devices.
Two weeks later, with episode "two", we learned that the CIA could install malware-spyware on Mac and iPhones before they buy its targets.
The newly leaked files show the source code of a secret anti-forensic which the CIA calls the Marble Framework. The tool is designed to disguise CIA malware and make it nearly undetectable by security researchers trying to analyze it. This is achieved by obfuscating snippets of the code text.
But it is Marble Framework seems to have a feature that makes it stand out.
The tool gives malware developers all the means to pretend that the malware was created by someone who doesn't speak English, but Chinese, Russian, Korean, Arabic and Farsi. Of course as you understood they are the languages of the main cyber-adversaries of the US, China, Russia, North Korea and (historically, at least) Iran.
WikiLeaks says that this technology allows us to monitor the lives of American cheating security researchers who think, for example, that the Chinese team PLA.1
Marble Framework is only used to hide information through malicious disguise software, and is not malware, which allowed WikiLeaks to release its source code.
Please be reminded that WikiLeaks has promised to release the source code of all CIA hacking tools to the companies directly concerned.
