CIA Hacking Program Exposed

Leak suggests CIA malware systems have targeted iPhones, Android systems, Microsoft software and Samsung smart TVs
US consulate in Frankfurt, Germany, used as a “covert base” for hackers in Europe, the Middle East and Africa.US consulate in Frankfurt, Germany, used as a “covert base” for hackers in Europe, the Middle East and Africa.

The CIA can turn your TV into a listening device, bypass popular encryption apps and possibly control your car, according to thousands of documents published by WikiLeaks, an anti-surveillance group.

The group posted nearly 9,000 documents on Tuesday it said were leaked from the Central Intelligence Agency, in what it described as the largest-ever publication of secret intelligence materials, Aljazeera reported.

It said the trove of documents “appears to have been circulated among former US government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive”.

Jonathan Liu, a spokesman for the CIA, said, “We do not comment on the authenticity or content of purported intelligence documents.”

“The quantity of published pages … already eclipses the total number of pages published over the first three years of the Edward Snowden NSA leaks,” WikiLeaks states.

Experts who have started to sift through the material said that it appeared legitimate.

The leak, named “Vault 7” by WikiLeaks, claims the CIA developed a malware to infect mobile phones to allow easier surveillance, but lost control of the technology. If the CIA really lost control of the technology, hackers worldwide could use the tools to steal data.

Edward McAndrew, a lawyer with a specialty in cybersecurity, said the security breach is a major concern for CIA, because their technology could already be in the wrong hands.

“What we’re hearing from WikiLeaks and others is that pieces of the toolkit are now outside of Langley [the CIA’s Virginia headquarters],” he told Aljazeera.

“If that’s true, once these tools are introduced into the wild of the Internet, they cannot be reclaimed. We’ll then see a race between those who would use these tools to exploit others and those trying to close all these vulnerabilities that have now come to light.”

The actual hacking tools were not part of the WikiLeaks trove.

WikiLeaks said it planned to avoid distributing tools “until a consensus emerges” on the political nature of the CIA’s program and how such software could be analyzed, disarmed and published.

  Malware Systems

WikiLeaks said the documents show that by the end of last year, the CIA’s hacking unit had more than 5,000 registered users who has produced more than 1,000 malware systems—viruses, trojans and other software that can infiltrate and take control of target electronics.

“The CIA had created, in effect, its ‘own NSA’ with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified,” WikiLeaks states in the release.

These hacking tools have targeted iPhones, Android systems such as the kind of personal phone reportedly still used by US President Donald Trump, popular Microsoft software and Samsung smart TVs, which can be transformed into covert microphones, according to WikiLeaks.

The agency has also examined hacking into the electronic control systems on cars and trucks, potentially making it able to control them. By infecting smartphones, WikiLeaks said, the CIA can get around the encryption technologies of popular apps like WhatsApp, Signal, Telegram, Weibo and Confide by collecting communications before they are encrypted.

  Covert Base

The US Consulate in Frankfurt was reportedly used as a “covert base” for hackers in Europe, the Middle East and Africa. These hackers were given diplomatic passports with US State Department cover and were instructed to tell customs officials that they were technical consultants for the consulate.

Once in Frankfurt, WikiLeaks says the hackers could travel without border checks throughout Europe’s Schengen area. Hackers would then target certain workplaces with USB sticks containing malware and insert the sticks into a computer to infect or ex-filtrate data.


Add new comment

Read our comment policy before posting your viewpoints