The deeper story behind CIA's attempt to 'impersonate' Russian cybersecurity company using hacking tool Hive

In 9 November 2017, WikiLeaks published the source code and development logs to Hive, a major component of the CIA infrastructure to control its malware.

According to WikiLeaks, Hive uses the uncommon Optional Client Authentication so that the user browsing the website is not required to authenticate - it is optional. But implants talking to Hive do authenticate themselves and can therefore be detected by the Blot server. Traffic from implants is sent to an implant operator management gateway called Honeycomb (see graphic above) while all other traffic go to a cover server that delivers the insuspicious content for all other users.

Digital certificates for the authentication of implants are generated by the CIA impersonating existing entities. The three examples included in the source code build a fake certificate for the anti-virus company Kaspersky Laboratory, Moscow pretending to be signed by Thawte Premium Server CA, Cape Town. In this way, if the target organization looks at the network traffic coming out of its network, it is likely to misattribute the CIA exfiltration of data to uninvolved entities whose identities have been impersonated.

This CIA cybertool could be proven very useful for accusing foreign agencies and organizations for hacking US facilities and processes, but beyond that, there is a deeper reason for which CIA has targeted the specific Russian company and it is related to the first discovered malware that spies on and subverts industrial systems.

Former British intelligence officer and Whistleblower, Annie Machon, reveals why CIA has targeted Kaspersky Lab:

Obviously, the CIA will be interested in a very successful Russian-based company that offers protection on the Internet. But it goes back a bit further because, it was 2010 the very first proven cyberwarfare weapon was deployed. And this was against the Iranian domestic civilian nuclear development capability. And this was at the time when the Americans were drumming up the war against Iran.

There was an attack made against their civilian nuclear capability, and in this case, this virus, which was called Stuxnet, was deployed against the centrifuges that enriched the Uranium. Nobody knew where it came from. It seemed to be very weaponized, a state level. And it was actually Kaspersky that unveiled who had developed it. It was the Americans and the Israeli intelligence agencies. So, Kaspersky has been very much in the cross-chairs of both the American and the Israeli intelligence agencies.

From Wikipedia, Stuxnet is a malicious computer worm, first uncovered in 2010 by Kaspersky Labs, the antivirus company. Thought to have been in development since at least 2005, stuxnet targets SCADA systems and was responsible for causing substantial damage to Iran's nuclear program. Although neither country has admitted responsibility, since 2012 the worm is frequently described as a jointly built American/Israeli cyberweapon.

Stuxnet, discovered by Sergey Ulasen, initially spread via Microsoft Windows, and targeted Siemens industrial control systems. While it is not the first time that hackers have targeted industrial systems, nor the first publicly known intentional act of cyberwarfare to be implemented, it is the first discovered malware that spies on and subverts industrial systems, and the first to include a programmable logic controller (PLC) rootkit.

Comments

Gaza 2 Years On: Yanis Varoufakis & Katie Halper on the Flotilla, Israel's PR Machine & What’s Next

DiEM25 Two years since October 7, Katie Halper (‪@TheKatieHalperShow‬) and Yanis Varoufakis join host Mehran Khalili to break down Israel’s genocide in Gaza, the latest on the flotilla, Israel’s influencer PR push, and the “peace plan”.

Capitalism & Genocide - Yanis Varoufakis Speech at the Gaza Tribunal, 23rd October 2025, Istanbul

Yanis Varoufakis On 23rd October, Yanis Varoufakis testified in front of the Jury of Conscience in the context of the Gaza Tribunal. His speech focused on the economic forces underpinning the genocide of the Palestinian people. In particular, he spoke on the manner in which capitalist dynamics have historically fuelled the white settler colonial project and, more recently, how the accumulation of a new form of capital - which he calls cloud capital - has accelerated, deepened and amplified the economic forces powering and propelling the machinery of genocide.

The Rise of the Thielverse & the Surveillance State

The Chris Hedges YouTube Channel Whitney Webb traces the Thielverse’s rise and the construction of the bipartisan modern surveillance state that Trump and his benefactors are deploying against dissidents and immigrants today.

World leaders rebel against US & Israel: to save Gaza, they demand international intervention

Geopolitical Economy Report Leaders from dozens of countries condemned the USA and Israel in their speeches at the UN General Assembly, demanding international intervention to save Gaza. Diplomats staged a mass walkout to protest Netanyahu's speech. Ben Norton shows how Latin American governments are standing in solidarity with Palestine.

Freedom Flotilla Coalition & Thousand Madleens to Gaza sailing to break the siege

Freedom Flotilla Coalition The next wave is already being prepared, help us buy the boats and get them ready to sail!

Προβλέψεις ...

GR elections Update (15/9): Αναθεωρημένες προβλέψεις (μετά το δεύτερο debate): ΣΥΡΙΖΑ 28-30% ΛΑΕ + ΣΧΕΔΙΟ Β' κ.λ.π. 20-23% ΝΔ 11-13% ΧΑ 6-8% ΚΚΕ 5-5,5% ΕΝΩΣΗ ΚΕΝΤΡΩΩΝ 2,5-3% ΠΟΤΑΜΙ 2,5-3,5% ΠΑΣΟΚ + ΔΗΜΑΡ 3-4% ΑΝΕΛ 2,5-3,5% Update (11/9): Αναθεωρημένες προβλέψεις (μετά το πρώτο debate): ΣΥΡΙΖΑ 25-28% ΛΑΕ + ΣΧΕΔΙΟ Β' κ.λ.π. 20-23% ΝΔ 11-13% ΧΑ 6-8% ΚΚΕ 5-5,5% ΕΝΩΣΗ ΚΕΝΤΡΩΩΝ 3,5-4% ΠΟΤΑΜΙ 2,5-3,5% ΠΑΣΟΚ + ΔΗΜΑΡ 3-4% ΑΝΕΛ 2,5-3,5% Update (04/9): Αναθεωρημένες προβλέψεις: ΣΥΡΙΖΑ 23-25% ΛΑΕ + ΣΧΕΔΙΟ Β' κ.λ.π. 20-23% ΝΔ 12-15% ΧΑ 6-8% ΚΚΕ 5-5,5% ΕΝΩΣΗ ΚΕΝΤΡΩΩΝ 3,5-4% ΠΟΤΑΜΙ 2,5-3,5% ΠΑΣΟΚ 3-4% ΑΝΕΛ 2,5-3,5% Update (29/8): Αναθεωρημένες προβλέψεις: ΣΥΡΙΖΑ 23-25% ΛΑΕ + ΣΧΕΔΙΟ Β' κ.λ.π. 20-23% ΝΔ 12-15% ΧΑ 6-8% ΚΚΕ 5-5,5% ΕΝΩΣΗ ΚΕΝΤΡΩΩΝ 4-4,5% ΠΟΤΑΜΙ 4-4,5% ΠΑΣΟΚ 3-4% ΑΝΕΛ 2,5-3,5% Update : Αναθεωρημένες προβλέψεις: ΣΥΡΙΖΑ 26-27% ...

A response to misinformation on Nicaragua: it was a coup, not a ‘massacre’

There is so much misinformation in mainstream corporate media about recent events in Nicaragua that it is a pity that Mary Ellsberg’s article for Pulse has added to it with a seemingly leftish critique. Ellsberg claims that recent articles, including from this website, often “ paint a picture of the crisis in Nicaragua that is dangerously misleading. ” Unfortunately, her own article does just that. It looks at the situation entirely from the perspective of those opposing Daniel Ortega’s government while whitewashing their malevolent behavior and downplaying the levels of US support they have relied on. Her piece is an incomplete depiction of what is happening on the ground, ignoring many salient facts that have come to light and which have been outdated by recent events. The following is a brief response to Ellsberg’s main points from someone who lives in Nicaragua and has observed the situation directly and intimately: https://grayzoneproject.com/2018/08/15/a-res...

The REAL reason why Trump is attacking Latin America

Geopolitical Economy Report The Donald Trump administration seeks to forcibly impose the US empire's hegemony in Latin America, waging war on Venezuela, imposing sanctions on Colombia's President Gustavo Petro, hitting Brazil with tariffs, and meddling in Argentina's election. Ben Norton explains how Trump and Marco Rubio are trying to cut off all western hemisphere ties with China and Russia, bringing back the colonial Monroe Doctrine, now known as the Donroe Doctrine.

Greta Thunberg Blasts Israel, 'Complicit' World Leaders After Release From Israeli Jail

DRM News Greta Thunberg delivered a fiery speech in Athens after her release from Israeli detention, calling Israel’s Gaza actions a “live-streamed genocide” and urging governments to “end complicity and arms transfers.” Speaking to thousands, she condemned global silence and vowed to keep fighting for Palestine through the Global Sumud Flotilla. Greta Thunberg and 27 Greek nationals arrive in Athens following their deportation from Israel after the Global Sumud Flotilla's interception en route to Gaza. Hear accounts of detention, aid blockade challenges, and calls for justice.

How Western media helped build and then protect the Israeli narrative that allowed a genocide to continue

globinfo freexchange For two years, Palestinians in Gaza have been killed in 4K on all of our screens. And for those same two years, many of the Western media institutions meant to hold power to account chose silence, distortion and doubt. Newsrooms repeated Israel's allegations with no pushback, ignored the evidence of genocide even as it played out live. This isn't a story about bias or mistakes. It's a story about how Western media helped build and then protect the Israeli narrative that allowed a genocide to continue. So, how many Palestinian lives have been lost because the world's news outlets chose to repeat Israel's narrative instead of questioning it? From the earliest days following October 7th, Israel's talking points were treated as fact. The now disproven claims of 40 beheaded babies and the story that Hamas used Palestinian civilians as human shields revived with every bombing of a hospital or school despite the mountain of evidence that it...

the unbalanced evolution of homo sapiens

Search This Blog