Wikileaks Releases Source Code Files of CIA’s Secret, Anti-Forensic “Marble Framework”
March 31, 2017 — Wikileaks continued to unload files from Vault 7, its giant cache of CIA documents that reveal many of the agency’s hacking and cyber warfare capabilities. The most recent release addresses the CIA’s anti-forensic Marble Framework.
In previous Vault 7 releases, Wikileaks unearthed details surrounding the CIA’s secretive hacking tools and how these digital tools were eventually lost by the government. The releases have revealed the CIA’s ability to hack consumer electronics for purposes of espionage, data gathering, and even assassination. The implications of the findings are absolutely staggering.
The Marble Framework release exposes the means by which the CIA evades forensic detection. The release states, “Marble is used to hamper forensic investigators and anti-virus companies from attributing viruses, trojans and hacking attacks to the CIA.”
This is reminiscent of earlier findings that revealed the CIA’s ability to misattribute cyber attacks. Some have speculated that the CIA utilized this particular cyber tool to ascribe blame to the Russian government for their own illegal hacking and espionage.
The release continues:
“The Marble source code also includes a deobfuscator to reverse CIA text obfuscation. Combined with the revealed obfuscation techniques, a pattern or signature emerges which can assist forensic investigators attribute previous hacking attacks and viruses to the CIA. Marble was in use at the CIA during 2016. It reached 1.0 in 2015.”
In other words, this program allowed the CIA to “obfuscate” digital information that would point back to them in the event of a forensic investigation. As it turns out, the program also helped the CIA reverse this obfuscation process for other entities that may have attacked the CIA.
And the CIA had utilized this framework as recently as 2016.
Wikileaks goes on to state:
“The source code shows that Marble has test examples not just in English but also in Chinese, Russian, Korean, Arabic and Farsi. This would permit a forensic attribution double game, for example by pretending that the spoken language of the malware creator was not American English, but Chinese, but then showing attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion, — but there are other possibilities, such as hiding fake error messages.”
Instead of merely obscuring their identity from a forensic investigation, through their Marble Framework, the CIA was also able to redirect blame to other foreign entities. Sound familiar?
Meanwhile, in spite of this knowledge, the lying media and their incorrigible lapdog “journalists” continue their nonsense about a Russian involvement in the presidential election. An election that Hillary’s pathetic campaign demonstrably did influence.
These Marble Framework leaks reveal that even so-called “evidence” is, in the digital realm, not so evident.