WikiLeaks publishes details of alleged CIA hacking tools

WikiLeaks publishes details of alleged CIA hacking tools

Julian Assange arrested by Met Police after Ecuador withdraws asylum status

Whistleblowing group WikiLeaks has published what it claims are details of malware and cyber weapons used by the CIA - some developed in conjunction with MI5.

According to documents uploaded yesterday, the agency holds tools that target flaws in popular platforms including Windows, macOS, iOS and Android.

The alleged arsenal also includes an attack against Samsung smart televisions, which is said to have been developed with help from UK spy agency MI5.

WikiLeaks claimed the CIA had “lost control” of its tools, which were circulated “in an unauthorised manner”, giving their possessors the CIA’s “entire hacking capacity”.

The source of the documents has not been named and their contents have not been confirmed. Although a CIA spokesperson would not comment on the documents’ authenticity, NSA whistleblower Edward Snowden suggested they were genuine.

“Still working through the publication, but what WikiLeaks has here is genuinely a big deal,” he tweeted yesterday. “Looks authentic.

“What makes this look real? Program and office names, such as the JQJ (IOC) crypt series, are real. Only a cleared insider could know them.”

Snowden went on to criticise suggestions that the CIA and US government had researched vulnerabilities in products and intentionally left them open, pointing out that those same flaws would remain present for cyber criminals to take advantage of.

Although the alleged tools vary in nature, a common theme is the compromise of smart devices to gain control of their cameras and microphones.

For example, the Samsung television exploit - dubbed Weeping Angel - creates a “fake-off” mode where sets appear to be off but continue to record audio.

"There is an extreme proliferation risk in the development of cyber 'weapons',” said WikiLeakes editor Julian Assange.

“Comparisons can be drawn between the uncontrolled proliferation of such 'weapons', which results from the inability to contain them combined with their high market value, and the global arms trade.

“But the significance of Year Zero goes well beyond the choice between cyberwar and cyberpeace. The disclosure is also exceptional from a political, legal and forensic perspective."

More details on the documents, named Vault 7, are on the WikiLeaks website.


Photo © Cancillería del Ecuador (CC BY-SA 2.0). Cropped.

This story was originally reported by Business Reporter

Copyright Lyonsdown Limited 2021

Top Articles

Clubhouse data leak: Data of 1.3m users dumped on a hacker forum

An SQL database containing records of 1.3 million Clubhouse users has been leaked for free on a popular hacker forum.

Iran terms Israeli cyber attack on nuke facility as "nuclear terrorism"

A rumoured cyber attack carried out by Mossad, Israel's official spy agency, destroyed legacy IR-1 centrifuges at Iran's underground nuclear facility located in Natanz.

The Hunt for Red Insider

The analogy to The Hunt For Red October is not far removed from the common reality of cybersecurity.

Related Articles