WikiLeaks has unveiled a CIA tool that translates the malware used by the secret service into the enemy language.
WikiLeaks has released the third installment of CIA documents on Friday, which focuses on the anti-forensics tools available to the agency.
The two previous releases of Vault7 have been focused on Coca-Cola Hacking manuals and hacking tools. The first group of leaked files was released on March 7, and reports the exploits used to bypass the security and encryption of Android, Apple iPhone, Samsung TVs, Windows or Mac computers, and other devices.
Two weeks later, with episode "two", we learned that the CIA could install malware-spyware on Mac and iPhones before they buy its targets.
On Friday, the new leaked files present the source code of a secret anti-forensic tool that the CIA calls the Marble Framework. The tool is designed to masquerade the CIA malware and make it almost undetectable by security researchers trying to analyze it. This is accomplished by obfuscating extracts from the text of the code.
But it is Marble Framework seems to have a feature that makes it stand out.
The tool allows all malware developers to suspect that malicious software was created by someone who does not speak English, but Chinese, Russian, Korean, Arabic, and Persian. Of course, you understand the languages of the main cyber-opponents of the US, China, Russia, North Korea and (historically, at least) Iran.
WikiLeaks says that this technology allows us to monitor the lives of American cheating security researchers who think, for example, that the Chinese team PLA.1
Marble Framework is used only to conceal information through malware malware, and is not malware, which allowed WikiLeaks to release its source code.
Please be reminded that WikiLeaks has promised to release the source code of all CIA hacking tools to the companies directly concerned.