‘Top secret CIA virus control system’: WikiLeaks releases ‘Hive’ from #Vault7 series

Friday, April 14, 2017
By Paul Martin

RT.com
14 Apr, 2017

Hive, the latest batch of WikiLeaks documents exposing alleged CIA hacking techniques from ‘Vault 7’, details how the agency can monitor its targets through the use of malware and carry out specific tasks on targeted machines.

Described as a multi-platform malware suite, Hive provides “customisable implants” for Windows, Solaris, MikroTik (used in Internet routers), Linux platforms, and AVTech Network Video Recorders, used for CCTV recording. Such implants allow the CIA to communicate specific commands.

A 2015 User Guide reveals the initial release of Hive came in 2010, and describes the software implant as having two primary functions – a beacon and an interactive shell. Both are designed to provide an initial foothold to deploy other “full featured tools.”

The implants communicate via HTTPS with the webserver of a cover domain. Each cover domain is connected to an IP address at a commercial Virtual Private Server (VPS) provider. This forwards all incoming traffic to what’s called a ‘Blot’ server.

The redirected traffic is examined to see if it contains a valid beacon. If it does, it’s sent to a tool handler, known as Honeycomb, where the CIA can initiate other actions on the target computer.

The user guide details the commands that are available, including uploading and deleting files and executing applications on the computer.
