rediff.com

NewsApp (Free)

Read news as it happens
Download NewsApp

Available on  

Rediff News  All News 
Rediff.com  » News » WikiLeaks reveals how CIA hacks YOUR phones, TVs

WikiLeaks reveals how CIA hacks YOUR phones, TVs

March 08, 2017 11:47 IST

WikiLeaks has released what it termed as the biggest-ever leak of confidential documents from the Central Intelligence Agency, claiming the America's premier spy agency partnered with foreign intelligence agencies to turn TVs and smartphones into weapons for surveillance.

It alleges that CIA infested and collected intelligence through smart TVs, and phone.

Code-named "Vault 7" by WikiLeaks, it is the largest-ever publication of confidential documents on the agency.

It is a substantial collection of material about CIA activities obtained by WikiLeaks.

Part one was obtained recently and covers through 2016.

Details on the other parts will be available at the time of publication, it said.

WikiLeaks: How CIA hacks your Smart TV & Smartphone

WikiLeaks says: The increasing sophistication of surveillance techniques has drawn comparisons with George Orwell's 1984, but 'Weeping Angel;, developed by the CIA's Embedded Devices Branch, which infests smart TVs, transforming them into covert microphones, is surely its most emblematic realization.

The attack against Samsung smart TVs was developed in cooperation with the United Kingdom's MI5/BTSS.

After infestation, Weeping Angel places the target TV in a 'Fake-Off' mode, so that the owner falsely believes the TV is off when it is on.

In 'Fake-Off' mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.

The CIA's Mobile Devices Branch developed numerous attacks to remotely hack and control popular smart phones. Infected phones can be instructed to send the CIA the user's geolocation, audio and text communications as well as covertly activate the phone's camera and microphone.

In a statement, WikiLeaks said the first full part of the series, "Year Zero", comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA's Center for Cyber Intelligence in Langley, Virginia.

It follows an introductory disclosure last month of CIA targeting French political parties and candidates in the lead up to the 2012 presidential elections.

WikiLeaks said recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized "zero day" exploits, malware remote control systems and associated documentation.

"This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA.

"The archive appears to have been circulated among former US government hackers and contractors in an unauthorised manner, one of whom has provided WikiLeaks with portions of the archive," it said in a statement.

"There is an extreme proliferation risk in the development of cyber 'weapons'. Comparisons can be drawn between the uncontrolled proliferation of such 'weapons', which results from the inability to contain them combined with their high market value, and the global arms trade.

"But the significance of 'Year Zero' goes well beyond the choice between cyberwar and cyberpeace. The disclosure is also exceptional from a political, legal and forensic perspective," said Julian Assange, editor of WikiLeaks.

In its analysis of the document, WikiLeaks said CIA malware and hacking tools are built by Engineering Development Group, a software development group within Center for Cyber Intelligence, a department belonging to the CIA's Directorate for Digital Innovation -- one of the five major directorates of the CIA.

WikiLeaks alleged that as of October 2014, the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks.

"The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations," it said. Further, CIA's Mobile Devices Branch (MDB) developed numerous attacks to remotely hack and control popular smart phones.

Infected phones can be instructed to send the CIA the user's geolocation, audio and text communications as well as covertly activate the phone's camera and microphone, it claimed.

CIA also developed malware to infest, control and exfiltrate data from iPhones and other Apple products running iOS, such as iPads.

CIA's arsenal includes numerous local and remote "zero days" developed by CIA or obtained from GCHQ, NSA, FBI or purchased from cyber arms contractors such as Baitshop.

The disproportionate focus on iOS may be explained by the popularity of the iPhone among social, political, diplomatic and business elites.

WikiLeaks alleged that 'Year Zero' documents show that the CIA breached the Obama administration's commitments.

Many of the vulnerabilities used in the CIA's cyber arsenal are pervasive and some may already have been found by rival intelligence agencies or cyber criminals.

In addition to its operations in Langley, Virginia the CIA also uses the US consulate in Frankfurt as a covert base for its hackers covering Europe, the Middle East and Africa, it alleged.

WikiLeaks alleged that "Weeping Angel", developed by the CIA's Embedded Devices Branch (EDB), infests smart TVs, transforming them into covert microphones.

The attack against Samsung smart TVs was developed in cooperation with the UK's MI5/BTSS.

After infestation, "Weeping Angel" places the target TV in a 'Fake-Off' mode, so that the owner falsely believes the TV is off when it is on.

In 'Fake-Off' mode, the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.

In October, CIA was also looking at infecting the vehicle control systems used by modern cars and trucks.

The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations, WikiLeaks added.

© Copyright 2018 PTI. All rights reserved. Republication or redistribution of PTI content, including by framing or similar means, is expressly prohibited without the prior written consent.