The deeper story behind CIA's attempt to 'impersonate' Russian cybersecurity company using hacking tool Hive

In 9 November 2017, WikiLeaks published the source code and development logs to Hive, a major component of the CIA infrastructure to control its malware.

According to WikiLeaks, Hive uses the uncommon Optional Client Authentication so that the user browsing the website is not required to authenticate - it is optional. But implants talking to Hive do authenticate themselves and can therefore be detected by the Blot server. Traffic from implants is sent to an implant operator management gateway called Honeycomb (see graphic above) while all other traffic go to a cover server that delivers the insuspicious content for all other users.

Digital certificates for the authentication of implants are generated by the CIA impersonating existing entities. The three examples included in the source code build a fake certificate for the anti-virus company Kaspersky Laboratory, Moscow pretending to be signed by Thawte Premium Server CA, Cape Town. In this way, if the target organization looks at the network traffic coming out of its network, it is likely to misattribute the CIA exfiltration of data to uninvolved entities whose identities have been impersonated.

This CIA cybertool could be proven very useful for accusing foreign agencies and organizations for hacking US facilities and processes, but beyond that, there is a deeper reason for which CIA has targeted the specific Russian company and it is related to the first discovered malware that spies on and subverts industrial systems.

Former British intelligence officer and Whistleblower, Annie Machon, reveals why CIA has targeted Kaspersky Lab:

Obviously, the CIA will be interested in a very successful Russian-based company that offers protection on the Internet. But it goes back a bit further because, it was 2010 the very first proven cyberwarfare weapon was deployed. And this was against the Iranian domestic civilian nuclear development capability. And this was at the time when the Americans were drumming up the war against Iran.

There was an attack made against their civilian nuclear capability, and in this case, this virus, which was called Stuxnet, was deployed against the centrifuges that enriched the Uranium. Nobody knew where it came from. It seemed to be very weaponized, a state level. And it was actually Kaspersky that unveiled who had developed it. It was the Americans and the Israeli intelligence agencies. So, Kaspersky has been very much in the cross-chairs of both the American and the Israeli intelligence agencies.

From Wikipedia, Stuxnet is a malicious computer worm, first uncovered in 2010 by Kaspersky Labs, the antivirus company. Thought to have been in development since at least 2005, stuxnet targets SCADA systems and was responsible for causing substantial damage to Iran's nuclear program. Although neither country has admitted responsibility, since 2012 the worm is frequently described as a jointly built American/Israeli cyberweapon.

Stuxnet, discovered by Sergey Ulasen, initially spread via Microsoft Windows, and targeted Siemens industrial control systems. While it is not the first time that hackers have targeted industrial systems, nor the first publicly known intentional act of cyberwarfare to be implemented, it is the first discovered malware that spies on and subverts industrial systems, and the first to include a programmable logic controller (PLC) rootkit.

Comments

Gaza 2 Years On: Yanis Varoufakis & Katie Halper on the Flotilla, Israel's PR Machine & What’s Next

DiEM25 Two years since October 7, Katie Halper (‪@TheKatieHalperShow‬) and Yanis Varoufakis join host Mehran Khalili to break down Israel’s genocide in Gaza, the latest on the flotilla, Israel’s influencer PR push, and the “peace plan”.

World leaders rebel against US & Israel: to save Gaza, they demand international intervention

Geopolitical Economy Report Leaders from dozens of countries condemned the USA and Israel in their speeches at the UN General Assembly, demanding international intervention to save Gaza. Diplomats staged a mass walkout to protest Netanyahu's speech. Ben Norton shows how Latin American governments are standing in solidarity with Palestine.

Freedom Flotilla Coalition & Thousand Madleens to Gaza sailing to break the siege

Freedom Flotilla Coalition The next wave is already being prepared, help us buy the boats and get them ready to sail!

The Rise of the Thielverse & the Surveillance State

The Chris Hedges YouTube Channel Whitney Webb traces the Thielverse’s rise and the construction of the bipartisan modern surveillance state that Trump and his benefactors are deploying against dissidents and immigrants today.

Capitalism & Genocide - Yanis Varoufakis Speech at the Gaza Tribunal, 23rd October 2025, Istanbul

Yanis Varoufakis On 23rd October, Yanis Varoufakis testified in front of the Jury of Conscience in the context of the Gaza Tribunal. His speech focused on the economic forces underpinning the genocide of the Palestinian people. In particular, he spoke on the manner in which capitalist dynamics have historically fuelled the white settler colonial project and, more recently, how the accumulation of a new form of capital - which he calls cloud capital - has accelerated, deepened and amplified the economic forces powering and propelling the machinery of genocide.

Προβλέψεις ...

GR elections Update (15/9): Αναθεωρημένες προβλέψεις (μετά το δεύτερο debate): ΣΥΡΙΖΑ 28-30% ΛΑΕ + ΣΧΕΔΙΟ Β' κ.λ.π. 20-23% ΝΔ 11-13% ΧΑ 6-8% ΚΚΕ 5-5,5% ΕΝΩΣΗ ΚΕΝΤΡΩΩΝ 2,5-3% ΠΟΤΑΜΙ 2,5-3,5% ΠΑΣΟΚ + ΔΗΜΑΡ 3-4% ΑΝΕΛ 2,5-3,5% Update (11/9): Αναθεωρημένες προβλέψεις (μετά το πρώτο debate): ΣΥΡΙΖΑ 25-28% ΛΑΕ + ΣΧΕΔΙΟ Β' κ.λ.π. 20-23% ΝΔ 11-13% ΧΑ 6-8% ΚΚΕ 5-5,5% ΕΝΩΣΗ ΚΕΝΤΡΩΩΝ 3,5-4% ΠΟΤΑΜΙ 2,5-3,5% ΠΑΣΟΚ + ΔΗΜΑΡ 3-4% ΑΝΕΛ 2,5-3,5% Update (04/9): Αναθεωρημένες προβλέψεις: ΣΥΡΙΖΑ 23-25% ΛΑΕ + ΣΧΕΔΙΟ Β' κ.λ.π. 20-23% ΝΔ 12-15% ΧΑ 6-8% ΚΚΕ 5-5,5% ΕΝΩΣΗ ΚΕΝΤΡΩΩΝ 3,5-4% ΠΟΤΑΜΙ 2,5-3,5% ΠΑΣΟΚ 3-4% ΑΝΕΛ 2,5-3,5% Update (29/8): Αναθεωρημένες προβλέψεις: ΣΥΡΙΖΑ 23-25% ΛΑΕ + ΣΧΕΔΙΟ Β' κ.λ.π. 20-23% ΝΔ 12-15% ΧΑ 6-8% ΚΚΕ 5-5,5% ΕΝΩΣΗ ΚΕΝΤΡΩΩΝ 4-4,5% ΠΟΤΑΜΙ 4-4,5% ΠΑΣΟΚ 3-4% ΑΝΕΛ 2,5-3,5% Update : Αναθεωρημένες προβλέψεις: ΣΥΡΙΖΑ 26-27% ...

WikiLeaks reveals that literally every router in America has been compromised

The latest Wikileaks Vault7 release reveals details of the CIA’s alleged Cherry Blossom project, a scheme that uses wireless devices to access users’ internet activity. globinfo freexchange As cyber security expert John McAfee told to RT and Natasha Sweatte: Virtually, every router that's in use in the American home are accessible to hackers, to the CIA, that they can take over the control of the router, they can monitor all of the traffic, and worse, they can download malware into any device that is connected to that router. I personally, never connect to any Wi-Fi system, I use the LTE on my phone. That's the only way that I can be secure because every router in America has been compromised. We've been warning about it for years, nobody pays attention until something like WikiLeaks comes up and says 'look, this is what's happening'. And it is devastating in terms of the impact on American privacy because once the router...

Confirmed: US imperialists wanted to drag Russia into a war with Ukraine since at least 2019

globinfo freexchange As we wrote in our previous article, after almost eight years, the US imperialists and the NATO criminals got what they wanted. They finally managed to drag Russia into a war with Ukraine. We now have indisputable evidence for that, through a document by the top US think tank, RAND Corporation. In the preface of a 2019 report under the title Extending Russia, Competing from Advantageous Ground we read: [emphasis added] The purpose of the project was to examine a range of possible means to extend Russia. By this, we mean nonviolent measures that could stress Russia’s military or economy or the regime’s political standing at home and abroad. The steps we posit would not have either defense or deterrence as their prime purpose, although they might contribute to both. Rather, these steps ar...

Already happens: Capitalism destroys human labor force and goes to the next phase

by system failure Connecting the dots one can discover the most nightmarish scenarios. Destructive capitalism's next phase is the total substitution of the human labor force with robotic machines, or in other words, the hyper-automatization. There is a process taking place right now, and no one (or nearly no one) knows what would happen after its completion. The true picture behind unemployment From a latest article in PressTV: “ Did you know that there are nearly 102 million working age Americans that do not have a job right now? And 20 percent of all families in the United States do not have a single member that is employed. So how in the world can the government claim that the unemployment rate has “dropped” to '6.3 percent'?” “ Well, it all comes down to how you define who is 'unemployed'. For example, last month the government moved another 988,000 Americans into the 'not in the labor force' category.” http://www.presstv.ir/detail...

A response to misinformation on Nicaragua: it was a coup, not a ‘massacre’

There is so much misinformation in mainstream corporate media about recent events in Nicaragua that it is a pity that Mary Ellsberg’s article for Pulse has added to it with a seemingly leftish critique. Ellsberg claims that recent articles, including from this website, often “ paint a picture of the crisis in Nicaragua that is dangerously misleading. ” Unfortunately, her own article does just that. It looks at the situation entirely from the perspective of those opposing Daniel Ortega’s government while whitewashing their malevolent behavior and downplaying the levels of US support they have relied on. Her piece is an incomplete depiction of what is happening on the ground, ignoring many salient facts that have come to light and which have been outdated by recent events. The following is a brief response to Ellsberg’s main points from someone who lives in Nicaragua and has observed the situation directly and intimately: https://grayzoneproject.com/2018/08/15/a-res...

the unbalanced evolution of homo sapiens

Search This Blog