Download Chrome Extension
EDIT (2014-25-07):

This posting was distributed to ALL WikiLeaks mirrors 2014-23-07 but then retracted for unknown reasons. Unfortunately because of the longstanding promotion of WikiLeaks by certain Kremlin-controlled media outlets, the possibility of a conflict of interest has arisen. Because we deem this information to be of vital interest to the public, Las SGG and the Chilean activist sponsors of this mirror site have decided to retain this posting and its software download in their original form.

Today, 24 July 2014, WikiLeaks released a cracked version of a proprietary software known as ’ALFA-CIPHER’, utilized since 2008 by various government and corporate intelligence services to track and collect behavioral data of opposition political and activist groups. Known as an “Aggregate Analysis & Event Prediction System (AAEPS)”, the system parallels a project in development by the United States government and can be deployed in the form of browser extensions, mobile apps, or spyware attached to seemingly innocuous games. The data gathered on the backend is used to build predictive modeling and ostensibly influence mass psychology.

ALFA-CIPHER is administered by the Russian entity, TRU-COM, a department of private military corporation, OOO ChOP “Tsentr-Alfa”. It was developed by Vysokotochnye Kompleksy and its holding company, JSC NPO-Alfa along with USA subsidiary, Third Roman Intelligence Directorate. A technical specification on the ALFA-CIPHER’s browser extension software was first made available to WikiLeaks by NSA whistleblower, Edward Snowden in mid April but then redacted it from publication per the request of our former publication partners. Natan Dubovitsky, a former member of the hacker collective, Anonymous, then provided the cracked version of the software linked above on 25, May 2014. This “neutralized” version allows users to view (but not author) hidden data previously embedded on government and corporate websites.

The first documented use of ALFA-CIPHER came in August 2009, when an unknown entity distributed it as spyware in the context of an “alternate reality game”. During the game (known to the public as “Junko Junsui”), Oksana Kareyeva and other members of the activist organization, The Sisterhood, challenged supporters to complete a series of online investigations and protests. Millions of participants then unwittingly became targets for malware applications embedded in sites which emerged as top Google search results for the group. The provenance and purpose of the malware was debated then among cybersecurity experts with unconfirmed claims that it functioned as part of a distributed denial-of-service (DDoS) attack botnet.

Having thoroughly examined more recent versions of ALFA-CIPHER, it is feasible that the software originates from Russian government research and development. Versions of the browser extension are now openly distributed by the Russian Ministry of Internal Affairs and several affiliated private contractors. The stated purpose of ALFA-CIPHER is to provide an “effective means of gathering, communicating, and analyzing data on a chosen subject in real time” but its observable capabilities also suggest that it is a powerful tool for tracking and modeling the behavior of large groups online. Most alarmingly, the system is capable of altering the nature, appearance, and frequency of ideological content individuals encounter online. The disinformation potential of this utilization is important to understand, particularly given the role of social media in recent popular uprisings against corrupt governments and corporations.