Security News > 2022 > September > How CIA betrayed informants with shoddy front websites built for covert comms

How CIA betrayed informants with shoddy front websites built for covert comms
2022-09-29 23:03

For almost a decade, the US Central Intelligence Agency communicated with informants abroad using a network of websites with hidden communications capabilities.

So poorly were these 885 front websites designed according to security research group Citizen Lab and Reuters, that they betrayed those using them to spy for the CIA. Citing a year-long investigation into the CIA's handling of its informants, Reuters on Thursday reported that Iranian engineer Gholamreza Hosseini had been identified as a spy by Iranian intelligence, thanks to CIA negligence.

Reuters found one of the CIA websites, iraniangoals[.

"The websites included similar Java, JavaScript, Adobe Flash, and CGI artifacts that implemented or apparently loaded covert communications apps," Citizen Lab explains in its report.

The websites were designed to look like common commercial publications but included secret triggering mechanisms to open a covert communication channel.

"Sloppy ass website widget architecture plus ridiculous hosting/DNS decisions by CIA/CIA contractors likely resulted in dozens of CIA spies being killed," he said.


News URL

https://go.theregister.com/feed/www.theregister.com/2022/09/29/us_spy_catastrophe_reported_in/