Kaspersky Lab IT company has come under increased pressure in the US amid accusations concerning its alleged work for Russian intelligence, a claim denied as false.
Wikileaks has revealed that CIA had written a code to “impersonate” Russia-based Kaspersky Lab, which had been used at least three times.
According to the whisteblowing organization’s press release dedicated to Vault-8 documents, “WikiLeaks publishes the source code and development logs to Hive, a major component of the CIA infrastructure to control its malware.”
WikiLeaks has explained that “Hive” source code ensured the covert delivery of gathered intelligence to the CIA, which allows the US intelligence to impersonate other entities in order to mask its presence.
“The three examples included in the source code build a fake certificate for the anti-virus company Kaspersky Laboratory, Moscow pretending to be signed by Thawte Premium Server CA, Cape Town. In this way, if the target organization looks at the network traffic coming out of its network, it is likely to misattribute the CIA exfiltration of data to uninvolved entities whose identities have been impersonated,” WikiLeaks said.
According to the “Hive” release by Wikileaks as part of Vault-7, the virus control system “provides a covert communications platform for a whole range of CIA malware to send exfiltrated information to CIA servers and to receive new instructions from operators at the CIA.”
READ MORE: New Wikileaks ‘Vault-7’ Batch Reveals Top Secret CIA Virus Control System HIVE
On March 7, WikiLeaks released the first part of what it called an unprecedentedly large archive of CIA-related classified documents, comprising various viruses, malware, software vulnerability hacks and relevant documentation, which was initially uncovered by US government hackers. As Wikileaks has gained access to some of the data from the trove, the White House has condemned the leaks, stressing that those responsible for leaking classified information should be held accountable in accordance with the law.