What is reportedly new CIA source code was released by WikiLeaks.
It paints a very interesting picture of how the CIA secretly siphons information from computers and networks.
The agency apparently fakes digital certificates so it can hide the fact it is grabbing information, according to Wikileaks.
"Digital certificates for the authentication of implants are generated by the CIA impersonating existing entities. The three examples included in the source code build a fake certificate for the anti-virus company Kaspersky Laboratory, Moscow pretending to be signed by Thawte Premium Server CA, Cape Town. In this way, if the target organization looks at the network traffic coming out of its network, it is likely to misattribute the CIA exfiltration of data to uninvolved entities whose identities have been impersonated."
You can see the WikiLeaks source code here, which is part of what it calls Vault 8.
Eugene Kaspersky reacted to the news on Twitter.
There are many questions that come from all of this.
If the CIA is operating this way might other governments be doing the same thing?
And how do we know we can trust our certificates?
