[Threatpost] WikiLeaks Reveals CIA Tool 'Scribbles' For Document Tracking
[Image: i-spy--680x400.jpg]

Original URL
Archive.is Mirror
Archive.org Mirror

Article Summary Wrote:WikiLeaks Reveals CIA Tool 'Scribbles' For Document Tracking
WikiLeaks released details on what it said is a Central Intelligence Agency document tracking program called Scribbles, part of the agency's effort to keep tabs on documents leaked to whistleblowers and journalists.

Scribbles allegedly embeds a web beacon-style tag into watermarks located on Microsoft Word documents that can report document analytics back to the CIA. WikiLeaks released information Friday about Scribbles as part of its ongoing Vault 7 Dark Matter release that began last month.

WikiLeaks' copy of the CIA's Scribbles user manual says the tool will not work on encrypted or password-protected documents.

The CIA also warns that if a document with a Scribbles' watermark is opened in an alternative document viewing program, such as OpenOffice or LibreOffice, it may result in revealing watermarks and URLs for the user.

"We have no comment on the authenticity of purported intelligence documents released by Wikileaks or on the status of any investigation into the source of the documents. However, there are several critical points we would like to make."

"Similar tracking mechanisms are used by document protection security companies in order to track them," Yavo said.

He said Scribbles and similar tools such as web beacons are used by organizations to determine questions like: Did the document leak? Where was it opened? Who was the owner of the document that was opened? When was it opened?

Similar digital rights management products are sold commercially by firms like IntraLinks, which sells a tool called DocTrack, a file tracking service that gathers document analytics.

The tool offered admins the ability to track some document usage.

"Regarding privacy concerns, I don't see here a major concern, since we are dealing with internal classified documents - they should be protected from data leakage," said Omer Schneider, CEO of CyberX. However, Schneider and Yavo point out remote objects features in Office documents have been leveraged in several Office document based attacks.

Possibly Related Threads…
Thread Author Replies Views Last Post
WikiLeaks publishes CIA documents Bish0pQ 7 5,737 03-11-2017, 01:13 PM
Last Post: Baredee

Forum Jump:

Users browsing this thread: 1 Guest(s)