Wikileaks gets hacked on the same day it dumps CIA hacking tools data
In a supreme bit of irony, Wikileaks has been hacked on the same day it dumped data on a number of Central Intelligence Agency hacking tools.
The data dump, part of Wikileaks’ Vault7 release series of secret government hacking tools, unveiled a CIA program called Angelfire. It consists of a five-part framework that can be used to maintain a persistent backdoor on an infected machine and install custom software on the same machine should the agency require it.
According to a statement from Wikileaks, the five Angelfire components, named Solartime, Wolfcreek, Keystone, BadMFS and the Windows Transitory File system, deliver a variety of functions to the CIA. Solartime modifies the partition boot sector of the machine, allowing Wolfcreek to load and execute implants. Keystone then loads malicious user applications on the targeted computers, while BadMFS and the Windows Transitory File system deliver alternative methods of access. In all cases, the hacking software has been designed to be undetectable by the victim.
Having disclosed a new CIA hacking tool, Wikileaks itself was then hacked by the folks at the sometimes amusing, always strange hacking group OurMine. They’re the same people behind the hacking of Facebook Inc. Chief Executive Mark Zuckerberg, Google Inc. CEO Sundar Pichai, Oculus CEO Brendan Iribe, a number of YouTube stars and most recently the PlayStation Network.
In what appeared to be another hack aimed more at attracting attention than at causing harm, OurMine defaced the front page of Wikileaks, whose founder is the controversial Julian Assange (pictured), with a message that read, “Hi, it’s OurMine (Security Group), don’t worry we are just testing your … blablablab, oh wait, this is not a security test! Wikileaks, remember when you challenged us to hack you?”
The message continued: “Anonymous, remember when you tried to dox us with fake information for attacking wikileaks? There we go! One group beat you all! #WikileaksHack lets get it trending on twitter!”
OurMine’s true intentions have never been fully clear. Putting aside that the group uses its website to advertise security services for companies that want to secure their social accounts, its hacks have always targeted high-profile people and companies but have never been malicious. It could be a case of a highly creative, if illegal, marketing campaign, but given that the group always seems to add witty messages to its hacks, there’s a good chance it’s doing it for the lulz as well.
Photo: New Media Days/Wikimedia Commons