Hive
14 April, 2017
Today, April 14th 2017, WikiLeaks
publishes six documents from the CIA's HIVE project created by its
"Embedded Development Branch" (EDB).
HIVE is a back-end
infrastructure malware with a public-facing HTTPS interface which is
used by CIA implants to transfer exfiltrated information from target
machines to the CIA and to receive commands from its operators to
execute specific tasks on the targets. HIVE is used across multiple
malware implants and CIA operations. The public HTTPS interface utilizes unsuspicious-looking cover domains to hide its presence.
