
The deeper story behind CIA's attempt to 'impersonate' Russian cybersecurity company using hacking tool Hive


On 9 November 2017, WikiLeaks published the source code and development logs for Hive, a major component of the CIA infrastructure used to control its malware.

According to WikiLeaks, Hive uses the uncommon Optional Client Authentication so that the user browsing the website is not required to authenticate - it is optional. But implants talking to Hive do authenticate themselves and can therefore be detected by the Blot server. Traffic from implants is sent to an implant operator management gateway called Honeycomb (see graphic above), while all other traffic goes to a cover server that delivers the unsuspicious content for all other users.

Digital certificates for the authentication of implants are generated by the CIA impersonating existing entities. The three examples included in the source code build a fake certificate for the anti-virus company Kaspersky Laboratory, Moscow pretending to be signed by Thawte Premium Server CA, Cape Town. In this way, if the target organization looks at the network traffic coming out of its network, it is likely to misattribute the CIA exfiltration of data to uninvolved entities whose identities have been impersonated.
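Why the issuer text in such a certificate proves nothing, as an added Go example (not code from WikiLeaks, Hive or this article): a certificate can name any CA as its issuer, and only verifying the signature chain against the CA's real key exposes the forgery. All names are constructed placeholders, and `newCert`, `chainVerifies` and `demo` are hypothetical helpers.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// newCert issues a short-lived test certificate; a nil parent yields a self-signed root.
func newCert(cn string, isCA bool, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
		IsCA: isCA, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// chainVerifies checks the signature path to a trusted root instead of reading the issuer text.
func chainVerifies(leaf, trusted *x509.Certificate) bool {
	roots := x509.NewCertPool()
	roots.AddCert(trusted)
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}})
	return err == nil
}

// demo returns: issuer name matches, lookalike-signed leaf verifies, genuinely signed leaf verifies.
func demo(ca string) (bool, bool, bool) {
	realCA, realKey := newCert(ca, true, nil, nil) // the CA the defender actually trusts
	fakeCA, fakeKey := newCert(ca, true, nil, nil) // same name, different key
	forged, _ := newCert("vendor.example (constructed)", false, fakeCA, fakeKey)
	genuine, _ := newCert("vendor.example (constructed)", false, realCA, realKey)
	return forged.Issuer.CommonName == ca, chainVerifies(forged, realCA), chainVerifies(genuine, realCA)
}

func main() { fmt.Println(demo("Example Root CA (constructed)")) }
```

Running it prints `true false true`: the forged certificate carries the trusted CA's name in its issuer field yet fails chain verification, so attribution based on certificate names seen in captured traffic should always be backed by a signature check against a known-good trust store.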

This CIA cybertool could prove very useful for accusing foreign agencies and organizations of hacking US facilities and processes, but beyond that, there is a deeper reason why the CIA targeted this specific Russian company, and it is related to the first discovered malware that spies on and subverts industrial systems.

Former British intelligence officer and whistleblower Annie Machon reveals why the CIA has targeted Kaspersky Lab:

Obviously, the CIA will be interested in a very successful Russian-based company that offers protection on the Internet. But it goes back a bit further, because it was in 2010 that the very first proven cyberwarfare weapon was deployed. And this was against the Iranian domestic civilian nuclear development capability. And this was at the time when the Americans were drumming up the war against Iran.

There was an attack made against their civilian nuclear capability, and in this case, this virus, which was called Stuxnet, was deployed against the centrifuges that enriched the uranium. Nobody knew where it came from. It seemed to be very weaponized, a state level. And it was actually Kaspersky that unveiled who had developed it. It was the Americans and the Israeli intelligence agencies. So, Kaspersky has been very much in the crosshairs of both the American and the Israeli intelligence agencies.


From Wikipedia: Stuxnet is a malicious computer worm, first uncovered in 2010 by Kaspersky Lab, the antivirus company. Thought to have been in development since at least 2005, Stuxnet targets SCADA systems and was responsible for causing substantial damage to Iran's nuclear program. Although neither country has admitted responsibility, since 2012 the worm has frequently been described as a jointly built American/Israeli cyberweapon.

Stuxnet, discovered by Sergey Ulasen, initially spread via Microsoft Windows, and targeted Siemens industrial control systems. While it is not the first time that hackers have targeted industrial systems, nor the first publicly known intentional act of cyberwarfare to be implemented, it is the first discovered malware that spies on and subverts industrial systems, and the first to include a programmable logic controller (PLC) rootkit.
