In-brief: The web site WikiLeaks on Tuesday published thousands of documents that it claims are hacking tools developed and used by the U.S. Central Intelligence Agencies to spy on and surveil targets. Among the targets: Samsung smart TVs and connected vehicles.
The web site WikiLeaks on Tuesday published thousands of documents that it claims are hacking tools developed and used by the U.S. Central Intelligence Agencies to spy on and surveil targets. Among the targets: Samsung smart TVs and connected vehicles.
The revelations comes from the dumping of 7,818 web pages containing 943 attachments as well as several hundred million lines of computer code, Wikileaks claims. Among the leaks are purported to be exploits for previously unknown (or “zero day”) security holes affecting Apple’s iOS operating system and Google’s Android mobile operating system. Together, the two mobile operating systems run almost every smart phone on the planet as well as a growing number of devices connected to the “Internet of Things.” The CIA also cultivated tools for compromising the security of supposedly secure messaging services such as Signal, WhatsApp and Telegram.
Wikileaks did not release the hacking tools to the public and redacted information on CIA targets, which it said could be found in Latin America, Europe and the United States. Prominent among the hacks disclosed by Wikileaks are tools for gathering data from smart tools.The CIA’s Mobile Devices Branch (MDB) developed attacks that allowed the agency to remotely hack and control popular smart phones, monitoring geolocation, audio and text communications and covertly activating the phone’s camera and microphone.
A tool, dubbed “Weeping Angel” that turns Samsung brand smart television sets into surveillance devices. According to the document release, Weeping Angel, developed by the CIA’s Embedded Devices Branch (EDB), allows the CIA to continue listening to ambient conversations taking place around a Samsung TV while the set appears to be powered off. The attack was developed in cooperation with the United Kingdom’s MI5/BTSS, according to information published on Wikileaks. Captured conversations are sent to a covert CIA server.
A separate set of “engineering notes” published as part of the leaks notes that CIA security researchers discovered that the Samsung TV’s “delete and download keyfiles are sensitive to any newline characters” and “found configuration file and setting that manages automatic updates,” suggesting that the agency may have been able to flash target TV sets with malicious updates and also prevent legitimate updates that would overwrite their hacks. The CIA further ported TinyShell to work on the Samsung devices, providing “shell, command execution (and) file transfer capabilities,” the Wikileaks release claims.
Vehicle control systems were also on the radar of the U.S. spy agency, Wikileaks said, citing information in the leaked documents.