Wikileaks Vault 7 / Year 0 release part 1

in wikileaks •  2 years ago

Wikileaks just started a livestream event on facebook 4 minutes ago - currently just a hold pattern with a sort of military march whistle music going.

Watch this space -

The best coverage I've seen on steemit so far regarding this is from @noagenda in "Steemian brace youself ... Wikileaks Relasing Encrypted "Vault 7" Torrent, Will give Password Today 2:00pm GMT / 9:00am EST"

I'll update this with notes as the stream progresses - lets hope the release is worthy of all this hype.

Update: This video intro did say vault 7 with todays date, has now been changed to say January but its definitely the right thread someone just failed here I think.

Update 2: Password released ! SplinterItIntoAThousandPiecesAndScatterItIntoTheWinds

Update 3: New wikileaks release page - This is set to be the "largest intelligence publication in history". I'm digging through now - holy shit I'm not sure where to start. They've exposed shitloads of the CIA zero-day vulnerabilities and toolkits!

Update 4: Holy shit I think they may have actually released some of the tools - cover your bum and take anything uber sensitive off the interwebs for the next while shits about to get crazy. There's a LOT of files in here and I don't know where to begin.

The livestream itself has apparently been compromised according to their twitter - its still just music with an incorrect date as if the stream was swapped for an older one.

I'm moving the files to a more secure nested VM setup so I can analyse some of the binary files better

Update 5: Here's a few summary images posted by wikileaks on twitter

These are the 10 largest files in the archive :
[user@research wikileaks]$ du -a . | sort -n -r | head -n 50
1480384 .
525656 ./WikiLeaks-Year-Zero-2017-v1.7z
43888 ./IE10-Windows6.1-KB3032359-x64.msu
37956 ./TY2SZxA - Imgur.gif
34708 ./Wireshark-win64-1.12.1.exe
32848 ./Dia-0.97.2-7.dmg
30160 ./IE9-Windows6.1-KB3032359-x64.msu
22740 ./[MS-PPT].pdf
21072 ./[MS-DOC].pdf
20312 ./UEFI 2_5.pdf
19728 ./Windows6.1-KB3032359-x64.msu

This dump seems to cover files from between 2013 and 2016 with a lot of placeholders for stuff wikileaks isn't ready to release yet. It also has a lot of the research done by Kaspersky Labs into "The Equation Group" and "Duqu", described as "Advanced Persistent Threats". Seems like they're tracking other peoples research into their own toolkits.

After a closer look, a lot of the binary files I've found so far seem to belong to tools that had been released publicly already . I'm not sure if the windows update files are legit, or compromised versions that they put into systems they want to take over.

There are definitely parts of this archive being held back whilst wikileaks analyzes further - I'm especially keen to find more information about the CandyMountain, Grasshopper, MagicVikings and Assassin packages as so far these are only released as PDF's of the file listings with a note they may be released by Wikileaks in the near future.

Theres also a lot of random memes, and references to things like "Abstergo industries" (a company in the Assassins Creed game series) and Black Mesa research facility (a secretive military base that opens dimensional portals in the Half Life game series) .

This diagram shows the subset of the CIA that this particular datadump is from :

It's already nearly 1am here - I'll be digging through these for a bit longer yet but it's going to take time to process all this and make a coherent post out of it all.

I'll upvote, resteem and promote quality posts about this release - just make sure to tag it #vault7 , or message me via .

Update 6: I've upvoted and resteemed a heap of the best relevant posts this morning, and decided that instead of burning the SBD on promotion I'll just send everyone I resteemed a little tip. I really didn't expect this post to do as well as it did - thanks for the support guys :)

Lets connect !
steemit / twitter / / keybase
I also made :
steemviz / steemvids / steemcap / steemleak / promo

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

This might be a great opportunity to promote Steemit. If anybody writes good quality posts about this topic, please everybody share them all over the internet.

People who are interested in this kind of stuff are also potential Steemit users. Blockchain is a great place to discuss stuff like this.


Definitely - stuff like this is a perfect use case for Steemit imo and we should always jump on every opportunity to discuss things that get censored elsewhere. The more controversial the better :)


I wrote an article specifically about the phone exploits. I tried to keep it simple, so people who are not tech savvy will understand. I agree, good way for Steemit to get exposure via this discussion.


Shared on twitter


Yes. I agree

CIA loses control of its Cyber Weapons

Could be widespread.

Russian Hacker narrative weakened further.


FFS...CIA malware bypasses Signal too??

Dude says in the comments, we should go back to nokia brick phones...might have to go back to carrier pigeons


"Russian Hacker narrative weakened further." !!


wikileaks WikiLeaks tweeted @ 07 Mar 2017 - 13:09 UTC

RELEASE: Vault 7 Part 1 "Year Zero": Inside the CIA's global hacking force

wikileaks WikiLeaks tweeted @ 07 Mar 2017 - 13:06 UTC

RELEASE: CIA Vault 7 Year Zero decryption passphrase:


Disclaimer: I am just a bot trying to be helpful.

WOW! This is a fantastic share on our platform, thank you so very much for it. All for one and one for all! Looking forward to see the wave this one is going to make in our world... Namaste :)

Uploading a video about this right now. This is some serious shit.



take anything uber sensitive off the interwebs for the next while shits about to get crazy.


I hope people aren't leaving too much on exchanges lately.

I had to make some early collage art efforts in response to Vault 7

Can't wait to see what more comes out of this.

Watching a Wikileaks stream on Facebook.. I believe that is the ultimate irony.


Yeah, putting it on FB was a terrible move from an opsec/privacy standpoint and I've put another point in my "signs wikileaks is compromised" notes :o/

As neat as this release is - what I've seen so far only reinforces the perceived power of the US govt and isn't anything that people that have been paying attention weren't already assuming they were doing..


True. But in my experience, most people are willfully ignorant. It's quite painful to watch the brainwashed stumble through life.


Thanks - following back, you seem like an interesting character and I'm kinda surprised I haven't seen your posts this whole time tbh. Awesome name :)


Nice one :D

Good to be connected

CIA really seemed to like Obama's attitude towards them :


That picture in in the leak, was wondering from where it was from.

Shoot, I almost fell off the chair...

As anybody been able to open the Torrent file, yet?


Yes, thats discussed above ;) Password was released early when the livestream got hijacked


I read you think they might have ''realeased some of the tools'', so I guess you must have seen the files. I tried following the instructions with the Torrent file, a 7zip software, and the password, but it won't work for me, however I try. Anyway, by looking at the documents, I can tell that all of the stuff being release is not in my field of expertise, so I think I'll continue following this story by reading your findings/blogs. :-)


Strange, I unlocked using "7za" in linux and winrar on windows.. The main wiki release page seem to be the same files as in the torrent anyways, in the same file layout. Kinda neat way of doing it, they copied the whole "cms" folder it seems.

I'm sure we're going to hear a whole lot more about this stuff for a while yet as people pick this release apart..


I started trying on Windows XP, then ended up on my Windows 10 computer because I read something somewhere about Windows 7 & after being required, but still same result for me: some message to the effect that it cannot be archive. Thanks for clearing out for me that it must be the same files. I prefer reading it on the Wikileaks website than on my computer, since people were talking about opening it on a Virtual Machine for security reasons.


Thanks! nice info!