Wikileaks claim CIA tools ‘snoop’ via TVs

By BBC

Wikileaks has published details of what it says are wide-ranging hacking tools used by the CIA.

The alleged cyber-weapons are said to include malware that targets Windows, Android, iOS, OSX and Linux computers as well as internet routers.

Some of the software is reported to have been developed in-house, but the UK’s MI5 agency is said to have helped build a spyware attack for Samsung TVs.

A spokesman for the CIA would not confirm the details.

“We do not comment on the authenticity or content of purported intelligence documents,” he said.

A spokesman for the UK Home Office was unable to comment.

Wikileaks said that its source had shared the details with it to prompt a debate about whether the CIA’s hacking capabilities had exceeded its mandated powers.

The effort to compromise Samsung’s F8000 range of smart TVs was codenamed Weeping Angel, according to documents dated June 2014.

They describe the creation of a “fake-off” mode, designed to fool users into believing that their screens had been switched off.

Instead, the documents indicate, infected sets were made to covertly record audio, which would later be transferred over the internet to CIA computer servers once the TVs were fully switched back on, allowing their wi-fi links to re-establish.

Under a “future work” section, it is suggested that video snapshots might also be taken and the wi-fi limitation be overcome.

Samsung has not commented on the allegations.

Apple attacks

Wikileaks also claims that as of last year, the CIA has built up an arsenal of 24 Android “zero days” – the term given to previously unknown security flaws in code.

Some of these are said to have been discovered by the CIA, but others were allegedly obtained from the UK’s GCHQ agency as well as the NSA and unnamed third parties.

Devices made by Samsung, HTC and Sony, among others, were said to have been compromised as a result, allowing the CIA to read messages on WhatsApp, Signal, Telegram and Weibo among other chat services.

It is also claimed that a specialised CIA unit was set up to target iPhones and iPads, allowing the agency to see a target’s location, activate their device’s camera and microphone, and read text communications.

The unit is also reported to have made use of further iOS “zero days” obtained from GCHQ, the NSA and FBI.

“It is longstanding policy that we do not comment on intelligence matters,” GCHQ told the BBC.

“Furthermore, all of GCHQ’s work is carried out in accordance with a strict legal and policy framework, which ensures that our activities are authorised, necessary and proportionate.”

Other claims say the CIA:

  • was trying to find ways to infect vehicles’ computer control systems. Wikileaks claims these might have been used for undetectable assassinations
  • had found ways to infect “air-gapped” computers – machines that are not linked up to the internet or other insecure networks. Methods are said to have included hiding data in images or hidden parts of computer storage
  • had developed attacks against popular anti-virus products
  • had built up a library of hacking techniques “stolen” from malware developed in Russia and elsewhere

Wikileaks describes its release as the first in a series of planned leaks about the CIA’s cyber-activities, which it refers to as Vault 7.

It added that the material had already circulated in an unauthorised manner among hackers who used to work for the US government as well as contractors.