WikiLeaks has published a massive trove of confidential documents in what appears to be the biggest ever leak involving the US Central Intelligence Agency (CIA).
WikiLeaks announced a series called Year Zero, under which the whistleblower organization will reveal details of the CIA’s global covert hacking program.
As part of Year Zero, WikiLeaks published its first archive, dubbed Vault 7, on Tuesday. It includes a total of 8,761 documents totaling 513 MB and exposes information about numerous zero-day exploits developed for iOS, Android, and Microsoft’s Windows operating system.
WikiLeaks claims that these leaks came from a secure network within the CIA’s Center for Cyber Intelligence headquarters at Langley, Virginia.
The authenticity of such dumps cannot be verified immediately, but since WikiLeaks has a long track record of releasing such top secret government documents, the community and governments should take it very seriously.
CIA’s Zero-Day Exploits & Ability to Bypass Encrypted Apps
According to initial analysis and the press release, the leak sheds light on the CIA’s entire hacking capabilities, including its ability to compromise smartphones and popular messaging apps, among them WhatsApp, the world’s most popular messaging app.
“These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Weibo, Confide and Cloackman by hacking the smartphones that they run on and collecting audio and message traffic before encryption is applied,” WikiLeaks said.
The exploits come from a variety of sources, including partner agencies like NSA and GCHQ or private exploit traders, as well as the CIA’s specialized unit in its Mobile Development Branch that develops zero-day exploits and malware for hacking smartphones, including iPhones and iPads.
“By the end of 2016, the CIA’s hacking division, which formally falls under the agency’s Center for Cyber Intelligence (CCI), had over 5000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other weaponized malware,” WikiLeaks said.
The agency can remotely activate smartphones’ cameras and microphones at will, allowing it to capture messages from social media apps before encryption is applied, WikiLeaks claims in the statement on its website.
“Weeping Angel” Attack — Hacking Smart TVs to Spy On Users
Vault 7 also details a surveillance technique — codenamed Weeping Angel — used by the agency to infiltrate smart TVs, transforming them into covert microphones.
Samsung smart TVs, which previously drew criticism for their always-on voice command system, are vulnerable to Weeping Angel hacks that place the TVs into a “Fake-Off” mode.
In Fake-Off mode, the TV owner believes it is off when it is actually on, allowing the CIA to record conversations “in the room and sending them over the Internet to a covert CIA server.”
HammerDrill v2.0: A Malware to Steal Data From Air Gapped PCs
The CIA’s cyberweapon arsenal also includes a cross-platform malware, dubbed HammerDrill, that targets Microsoft Windows, Linux, Solaris, macOS, and other platforms, spreading through infected CDs/DVDs, USB drives, data hidden in images, and other sophisticated malware.
What is more interesting, HammerDrill v2.0 also added an air-gap jumping ability, used to target computers that are isolated from the Internet and other networks and are believed to be the most secure computers on the planet.
Besides listing all hacking tools and operations, the documents also include instructions for using those hacking tools, tips on the configuration of Microsoft Visual Studio (which is classified as Secret/NOFORN), as well as testing notes for various hacking tools.
Some of the leaked documents even suggest that the CIA was developing tools to remotely control certain vehicle software, allowing the agency to cause “accidents” which would effectively be “nearly undetectable assassinations.”