Aadhar Card database can easily be accessed by CIA Covert Operations via UIDAI certified company Cross Match. Today WikiLeaks published secret documents from the Express Lane Malware project of the CIA Spy operations. These documents show one of the cyber operations the CIA conducts against other govt. agencies. Let’s understand the process how can CIA hacks indias aadhar card database.

The OTS (Office of Technical Services), a branch of the CIA, has a biometric collection system that is provided to govt. agencies around the world — CIA’s ExpressLane is a covert information collection tool that is used exfiltrate data collections from such biometric systems provided to govt agencies around the world.

ExpressLane is installed and run with the cover of upgrading the biometric software by OTS agents that visit the Liaison sites. This procedure will remain unsuspicious, as the data exfiltration disguises behind a Windows installation splash screen.

The core components of the OTS system are based on products from Cross Match, a US company specializing in biometric software for law enforcement and the Intelligence Community.

Cross Match Is certified by UIDAI (India Govt’s Institute Responsible For Aadhar)

Cross Match was one of the first suppliers of biometric devices Aadhaar program. Cross Match received the Certificate of Approval for its Guardian fingerprint capture device and the iScan dual iris capture device on October 7, 2011. Both systems utilize Cross Match’s patented Auto Capture feature, which quickly captures high-quality images with minimal operator involvement.
Nearly all of the UIDAI certified enrollment agencies use Cross Match devices across India.

 Components of India’s Aadhar Program

The foundation of the Aadhaar program is based on biometric and demographic data that is unique to each citizen. This data can only be collected by leveraging biometric devices and compatible software – the second and third stages of the Aadhaar value chain.

All the devices and compatible software are provided by Cross Match [ExpressLane Data Collection Malware Has been developed exfiltrate databases from Cross Match Products]

Read the Manual Of Installing Aadhar Enrollment Software (You will see Cross Match products are used for it)

How CIA agents can access Aadhaar database in real-time

A number of the CIA’s electronic attack methods are designed for physical proximity. These attack methods are able to penetrate high-security networks that are disconnected from the internet. In these cases, a CIA agent or spy physically infiltrate the targeted workplace. The attacker is provided with a USB containing malware developed by CIA for this purpose(Express Lane), which is inserted into the targeted computer.
The attacker then infects and exfiltrates data to removable media. For example, the CIA attack a system. To witnesses, the spy appears to be running a program showing videos (e.g VLC), presenting slides (Prezi), playing a computer game (Breakout2, 2048) or even running a fake virus scanner (Kaspersky, McAfee, Sophos).
ExpressLane comes with a standardized questionnaire i.e menu containing questions that CIA spy fills out. The questionnaire is remotely used by the CIA’s OSB (Operational Support Branch) to transform the requests of spies into technical requirements for hacking attacks. The questionnaire allows the CIA to communicate with Express Lane Malware.

See Leaked Wikileaks Documents on CIA’s ExpressLane Malware

1 COMMENT

LEAVE A REPLY

Please enter your comment!
Please enter your name here


CAPTCHA Image
Reload Image