VAULT 7 | C.I.A. Using 'Hacking Team' Tools and Emails

in #vault7, 9 years ago (edited)

Not only was the C.I.A. using hacked hacking tools, it also appears that they were using @Wikileaks as a research tool just after HackingTeam, a cybersecurity firm, was hacked. The hack revealed thousands of documents showing the firm's direct involvement in selling offensive security services, including malware and zero-day exploits, to national security organisations, security services, law enforcement and repressive regimes.

 

Hacking Team Hacked: Documents Show Company Sold Exploits And Spyware To UN-Blacklisted Governments | Techdirt - Jul 6th 2015

Hacking Team -- purveyor of exploits and spyware to a variety of government agencies all over the world -- has been hacked. Late Sunday night, its Twitter account name was changed to "Hacked Team" and its bio to read:
Developing ineffective, easy-to-pwn offensive technology to compromise the operations of the worldwide law enforcement and intelligence communities.

 

How Hacking Team got hacked | Ars Technica - 4/19/2016

Private intelligence contractor Hacking Team develops and sells hacking tools to governments around the world, a practice many have questioned as enabling human rights violations.
"Hacking Team was a company that helped governments hack and spy on journalists, activists, political opposition, and other threats to their power," Phisher wrote, accusing Hacking Team CEO David Vincenzetti of being a "fascist."

HackingTeam Emails | Wikileaks

 
 
Vault 7 is a substantial collection of material about CIA activities obtained by WikiLeaks. This currently refers to part 1 of the Wikileaks Vault 7 release, a wiki-type system named "Year Zero" that contains 7818 web pages with 943 attachments from the internal development groupware. Part one was obtained recently and covers 2013 - 2016. Details on the other parts will be available at the time of publication.

Fast forward a few years and we now see that, 2 months after the HackingTeam hack, the CIA decided upon a 'Large Scale Triage' of the whole data dump, not just the code in the GitHub repositories. This would have included the Wikileaks HackingTeam email archive.

 

Vault 7 > Year Zero Internal Development Groupware Wiki > Hacking Team Source Dump Map | Wikileaks

Introduction
Approximately 400GB of data from Hacking Team's infrastructure was publicly released as a torrent. Additionally, it appeared as though Hacking Team's source code repositories were, in fact, included in the 400GB of released data. Fifty-three (53) GIT code repositories which were in the data dump were copied to the public code sharing site known as GitHub. The code contained in these repositories reportedly included source code to Hacking Team's product line(s) and support code.

Initial Review
In August of 2015, we performed an initial review of a few selected repositories that were obtained from GitHub. These specific repositories contained source code which was focused on the implementation of implants for the Windows platform. This source code demonstrated a variety of capabilities (e.g., audio capture). "Capability" maps were created which mapped a certain capability (e.g., browser credential stealing) to individual source files found in the repositories.

Large Scale Triage
In the latter part of September 2015, it was decided that an expanded review of the publicly dumped Hacking Team data (not just the code repositories) was warranted.
The data dump includes everything anyone could imagine that a company would have in their infrastructure. This ranges from business documents (e.g., ~8,500 Word files, ~6,400 Excel spreadsheets), to various source code found in individual revisions.

  • Wiki page path: Remote Development Branch (RDB)>RDB Home>Personnel>Umbrage>Hacking Team Source Dump Map.

  • Note that the HackingTeam page is in the RDB page tree.

The CIA's Remote Devices Branch's UMBRAGE group collects and maintains a substantial library of attack techniques 'stolen' from malware produced in other states including the Russian Federation. - Wikileaks

 
More to come...

 

IT'S TIME TO POKE THE BEAR


Very informative post. Sadly only the security minded are aware of the impact these tools have. WikiLeaks continues to change the game, exposing this madness.

Yes they certainly are a game changer. Their Twitter bio states..

We Open Governments

I couldn't put it better myself.

Scam alert!
Google redirects you to wrong site bltrex with "l" and people were hacked.

https://steemit.com/google/@erez7770/scam-alert

Hi. Just a tip as I see you are new here. Please don't go around spamming comments with your posts. It doesn't do you any favors. You didn't even have the respect to say hello or anything first. It's just rude.

I won't flag your comment this time.
