• chevron_right

      Security Vulnerabilities in Covert CIA Websites

      news.movim.eu / Schneier · Sunday, 2 October, 2022 - 15:03 · 1 minute

    Back in 2018, we learned that covert system of websites that the CIA used for communications was compromised by —at least—China and Iran, and that the blunder caused a bunch of arrests, imprisonments, and executions. We’re now learning that the CIA is still “using an irresponsibly secured system for asset communication.”

    Citizen Lab did the research :

    Using only a single website, as well as publicly available material such as historical internet scanning results and the Internet Archive’s Wayback Machine, we identified a network of 885 websites and have high confidence that the United States (US) Central Intelligence Agency (CIA) used these sites for covert communication.

    The websites included similar Java, JavaScript, Adobe Flash, and CGI artifacts that implemented or apparently loaded covert communications apps. In addition, blocks of sequential IP addresses registered to apparently fictitious US companies were used to host some of the websites. All of these flaws would have facilitated discovery by hostile parties.


    The bulk of the websites that we discovered were active at various periods between 2004 and 2013. We do not believe that the CIA has recently used this communications infrastructure. Nevertheless, a subset of the websites are linked to individuals who may be former and possibly still active intelligence community employees or assets:

    • Several are currently abroad
    • Another left mainland China in the timeframe of the Chinese crackdown
    • Another was subsequently employed by the US State Department
    • Another now works at a foreign intelligence contractor

    Citizen Lab is not publishing details, of course.

    When I was a kid, I thought a lot about being a spy. And this, right here, was the one thing I worried about. It didn’t matter how clever and resourceful I was. If my handlers were incompetent, I was dead.

    Another news article .

    EDITED TO ADD (10/2): Shashdot thread .

    • chevron_right

      Zero-click iMessage zeroday used to hack the iPhones of 36 journalists

      Dan Goodin · news.movim.eu / ArsTechnica · Monday, 21 December, 2020 - 21:39

    Promotional image of iPhone.

    Enlarge (credit: Apple )

    Three dozen journalists had their iPhones hacked in July and August using what at the time was an iMessage zeroday exploit that didn’t require the victims to take any action to be infected, researchers said.

    The exploit and the payload it installed were developed and sold by NSO Group, according to a report published Sunday by Citizen Lab, a group at the University of Toronto that researches and exposes hacks on dissidents and journalists. NSO is a maker of offensive hacking tools that has come under fire over the past few years for selling its products to groups and governments with poor human rights records. NSO has disputed some of the conclusions in the Citizen Lab report.

    The attacks infected the targets’ phones with Pegasus, an NSO-made implant for both iOS and Android that has a full range of capabilities, including recording both ambient audio and phone conversations, taking pictures, and accessing passwords and stored credentials. The hacks exploited a critical vulnerability in the iMessage app that Apple researchers weren’t aware of at the time. Apple has since fixed the bug with the rollout of iOS 14.

    Read 11 remaining paragraphs | Comments