27 July 2015

WikiLeaks Stratfor Emails Contain Malware


Hi Cryptome -

My name is Josh Wieder. You may remember me recently as one of the guys who helped shut down one of the guys who has been circulating torrents posing as Cryptome. I'm a systems administrator, and have been for about 10 years now. Most of that time I have worked for data centers and hosting companies. One of my responsibilities was helping to manage the abuse response for the networks my companies leased; in practice this meant tracking down hackers and spammers and mitigating the occasional DoS.

I am also a regular reader of Wikileaks (as well as Cryptome!). Back in March, I decided to take a look at the Stratfor emails that Wikileaks got from Lulzsec. Although Wikileaks first publicized the emails in 2012, they did not release all of them until two years later. I thought I might find information that was overlooked after the initial publicity wore off.

What I found, so far, was 18 email attachments infected with malicious software. Most of the malware is embedded inside documents like PDFs, DOCs and Excel spreadsheets. All of the programs allow those who read infected files to be identified and tracked - one script for example scrapes Windows software registration info like name and location and sends it to a remote server. Interestingly, the email headers indicate that nearly all of the malware originates from Stratfor employees. This is not spearphishing.

I tried to contact Wikileaks for over two months via email, the livechat that is supposed to serve as how they receive leaks, and finally publicly, through Twitter. I received no response. Because of the lack of response and the risk posed to activists and journalists by leaving these malicious scripts available for download without any sort of warning, I went public. Interestingly, Hector Monsegur - aka 'sabu' - the former leader of Lulzsec and FBI informant who was reportedly involved with handing over the Stratfor emails to Wikileaks, was one of the first people to publicly confirm my findings.

My findings have been verified by several respected news outlets - The Register from the UK



Neue Zürcher Zeitung of Switzerland


I've been interviewed by several other newspapers that are working on features; the I-team editor of one of those newspapers even sent a warning containing my findings to the NICAR mailing list. You can confirm my findings directly using the list of infected files available here:


Because Wikileaks is publishing the malware file by file, confirming infection using a tool like VirusTotal or something similar would only take a few minutes.

I do not have a bone to pick with Wikileaks - however, providing malware that can identify the readers of leaked documents without a warning is without justification. While technically savvy readers likely take precautions when viewing these documents, they are taking precautions against third party surveillance techniques and applications like XKEYSCORE; securing a computer for analysis of active malicious software requires different precautions.

Finally, analysis of the malware - who designed it and how it circulated - is of public interest all on its own. Taken at face value, the email headers of several infected messages indicate that the wife of Stratfor's CEO was circulating infected files as early as 2003. The continued presence of these infected attachments strongly indicates that such intrusions were never discovered, investigated and repaired: a stunning display of operational security incompetence.

Please help me get the word out to activists and journalists as well as tech folks who can help me research the malware itself. I am happy to provide additional information and background to the best of my ability.

All the best,

Josh Wieder

PGP Public Key:


Fingerprint: 040C D852 0EAB 0FCB 5492 5DA0 D059 F15C D355 3EDC

Key ID: D3553EDC


A thousand prominent researchers whose laboratories and companies are pursuing the development of artificial intelligence and robotics have issued an open letter urging a moratorium on the creation of offensive autonomous weapons systems:

Autonomous weapons select and engage targets without human intervention. They might include, for example, armed quadcopters that can search for and eliminate people meeting certain pre-defined criteria, but do not include cruise missiles or remotely piloted drones for which humans make all targeting decisions. Artificial Intelligence (AI) technology has reached a point where the deployment of such systems is — practically if not legally — feasible within years, not decades, and the stakes are high: autonomous weapons have been described as the third revolution in warfare, after gunpowder and nuclear arms.

Many arguments have been made for and against autonomous weapons, for example that replacing human soldiers by machines is good by reducing casualties for the owner but bad by thereby lowering the threshold for going to battle. The key question for humanity today is whether to start a global AI arms race or to prevent it from starting. If any major military power pushes ahead with AI weapon development, a global arms race is virtually inevitable, and the endpoint of this technological trajectory is obvious: autonomous weapons will become the Kalashnikovs of tomorrow. Unlike nuclear weapons, they require no costly or hard-to-obtain raw materials, so they will become ubiquitous and cheap for all significant military powers to mass-produce. It will only be a matter of time until they appear on the black market and in the hands of terrorists, dictators wishing to better control their populace, warlords wishing to perpetrate ethnic cleansing, etc. Autonomous weapons are ideal for tasks such as assassinations, destabilizing nations, subduing populations and selectively killing a particular ethnic group. We therefore believe that a military AI arms race would not be beneficial for humanity. There are many ways in which AI can make battlefields safer for humans, especially civilians, without creating new tools for killing people.

Just as most chemists and biologists have no interest in building chemical or biological weapons, most AI researchers have no interest in building AI weapons — and do not want others to tarnish their field by doing so, potentially creating a major public backlash against AI that curtails its future societal benefits. Indeed, chemists and biologists have broadly supported international agreements that have successfully prohibited chemical and biological weapons, just as most physicists supported the treaties banning space-based nuclear weapons and blinding laser weapons.

In summary, we believe that AI has great potential to benefit humanity in many ways, and that the goal of the field should be to do so. Starting a military AI arms race is a bad idea, and should be prevented by a ban on offensive autonomous weapons beyond meaningful human control.

More here:


Jean Lievens: Open Source Blockchain Reveals True Cost Economics of Everything — This is a Revolution!

Blockchain Can Bring Transparency to Supply Chains

The open source, decentralized database blockchain allows consumers to check the authenticity and ethical standards of their products, says Dr. Jutta Steiner.

The key to transparency is the decentralization of data, meaning no single party can control what is seen.



Phi Beta Iota: This is huge and could be more important than schools as a means of educating the public and empowering the public to then act ethically and change markets overnight.  Coca-Cola, Nestle, and Monsanto — by whatever new name they adopt — will be the first to go.

Robert David Steele Vivas

ROBERT STEELE: Here is a copy of my email to Dr. Jutta Steiner:

For Dr. Jutta Steiner of Provenance

We are pointing to the story, Blockchain Can Bring Transparency to Supply Chains on the 24th, our next open slot at Phi Beta Iota the Public Intelligence Blog.

I am the leading proponent for the integration of holistic analytics, true cost economics, and open source everything engineering. My personal web page is robertdavidsteele.com, note the UN paper at the top and the keynote to the Ecuadorean intelligence community among the highlighted references early on. One graphic is attached for your convenience — my vision of what your app will look like when you are fully developed.

I see three missing pieces in your otherwise superb and revolutionary work:

1. An early primer on true cost economics with some short case studies will help explain why what you are doing is so very important and has the potential to change markets overnight — and to bypass name changes such as Monsanto is now planning. This should include an analytic model for properly documenting the true costs of every product, policy, service, and behavior, setting a standard that clones can replicate.

2. It certainly makes sense to give companies an opportunity to shine, but it would make as much or more sense to open your system — once you have a data entry and ingestion capability – to crowdsourcing. I bring to your attention the open source model established by CrisisMappers — their combination of distributed humans, rapid training, redundant cross-validation of facts and interpretations, the use of open source technologies, and of course their geospatial foundation, could be used to take you to the next level.

3. Once the above two have been fleshed out, go multilingual and make it possible — as CrisisMappers makes possible, the harvesting of direct eyes-on indigenous knowledge in all languages relevant to every product and service. You have the potential to blow the head off predatory capitalism, to eradicate the 50% waste that is characteristic of most supply chains, and to expose in particular import/export tax avoidance and other forms of revenue fraud.

I pray for your very rapid expansion and success. The first two cc’s co-founded CrisisMappers and can help you leverage what they know; the second two are P2P Foundation leaders and can help you do outreach and publicize your efforts, the last cc is a UN consultant who needs to know about you.


Robert Steele


