WikiLeaks has leaked a large trove of CIA documents and hacking tools that were supposedly used by the agency to compromise smartphones, computers and even IoT devices such as smart televisions, in what could be the largest CIA leak in history.
Code-named “Vault 7” by WikiLeaks, the whistleblower agency claims it is the largest ever publication of confidential documents on the agency. The initial release, claimed as the first installment in a large trove of CIA material by WikiLeaks, contained 7,818 web pages with 943 attachments. A large portion was redacted by WikiLeaks editors so as to avoid disclosing the source code of the CIA’s cyberweapons. If the entire archive of CIA material is to be considered, there are several hundred million lines of computer code, according to WikiLeaks.
Now, thousands of files revealing a large majority of the CIA’s cyberweaponry have been exposed, with tools and instructions to breach popular calling service Skype, Wi-Fi networks, commercial antivirus programs used by millions around the world and more.
In revelations that could amount to significant ramifications in the CIA’s relationship with Silicon Valley, WikiLeaks revealed that a “specialized unit in the CIA’s Mobile Development Branch” developed a malware to compromise and steal data from iPhones and other Apple products running iOS.
Further, a separate but similar CIA unit also targets the Android operating system, used by a majority (~85%) of the world’s smart phones.
A damning excerpt from the press release reads:
1.15 billion Android powered phones were sold last year. “Year Zero” shows that as of 2016 the CIA had 24 “weaponized” Android “zero days” which it has developed itself and obtained from GCHQ, NSA and cyber arms contractors. These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by hacking the “smart” phones that they run on and collecting audio and message traffic before encryption is applied.
Targeted: Windows, OSX, Linux, Routers, Smart TVs
The CIA also reportedly runs “a very substantial effort” to compromise and control Microsoft Windows, the world’s most used operating system, with its malware. Additionally, the CIA also developed multi-platform malware strains to attack and control systems running Windows, Mac OS X, Solaris, Linux and more.
Smart televisions were also targeted, with the CIA’s Embedded Devices Branch (EDB) developing an attack against Samsung smart TVs. Upon infection, the smart TVs transform into covert microphones, according to documents revealed by WikiLeaks.
The attack against Samsung smart TVs was developed in cooperation with the United Kingdom’s MI5/BTSS. After infestation, Weeping Angel places the target TV in a ‘Fake-Off’ mode, so that the owner falsely believes the TV is off when it is on. In ‘Fake-Off’ mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.
WikiLeaks is comparing the scale the leak to that of 2013, when former CIA contractor Edward Snowden released a trove of agency documents.
Image credit: Wikimedia.