Thread: Vault 7: CIA Hacking Tools (WikiLeaks)

WikiLeaks Posts Thousands of Purported CIA Cyberhacking Documents


Records show CIA able to spy on smartphones, internet TVs



March 7, 2017


Shane Harris and Paul Sonne




WASHINGTON—WikiLeaks released thousands of documents and files Tuesday that it said exposed tools the Central Intelligence Agency uses to hack smartphones, computer operating systems, messenger applications and internet-connected televisions.


The unauthorized disclosure—the first part of which WikiLeaks said consisted of 8,761 documents and files from the CIA’s Center for Cyber Intelligence—confronts President Donald Trump with a threat from the very organization that leaked documents on his opponent, Democrat Hillary Clinton, during the 2016 presidential campaign.


WikiLeaks named the series of files “Vault 7” and called the unauthorized disclosure the “largest ever publication of confidential documents on the agency,” saying it exposed the malware and exploits the agency amassed to hack smartphones and turn some televisions into covert microphones.


A CIA spokesman declined to comment “on the authenticity or content of purported intelligence documents.”

An intelligence source said some of the information does pertain to tools that the CIA uses to hack computers and other devices. This person said disclosing the information would jeopardize ongoing intelligence-gathering operations and the revelations were far more significant than the leaks of Edward Snowden, a former contractor for the National Security Agency who exposed active surveillance programs in 2013.


Mr. Snowden’s leaks revealed names of programs, companies that assist the NSA in surveillance and in some cases the targets of American spying. But the recent leak purports to contain highly technical details about how surveillance is carried out. That would make them far more revealing and useful to an adversary, this person said.


In one sense, Mr. Snowden provided a briefing book on U.S. surveillance, but the CIA leaks could provide the blueprints.


WikiLeaks said in its statement that it was not publishing such information as computer source code that could be used to replicate the tools it claims to have exposed. But the group left open the possibility of publishing those crucial details if “a consensus emerges on the technical and political nature of the CIA’s program and how such ‘weapons’ should [sic] analyzed, disarmed and published.”


Mr. Snowden said in a tweet Tuesday, “Still working through the publication, but what @Wikileaks has here is genuinely a big deal. Looks authentic.”


WikiLeaks said the CIA recently “lost control” of the majority of its hacking arsenal. “This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA,” the site said in a statement. “The archive appears to have been circulating among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.”


The website put out what it called the first installment in a series of planned leaks on Tuesday, calling it “Year Zero.” It said the first installment “introduces the scope and direction of the CIA’s global covert hacking program, its malware arsenal and dozens of ‘zero day’ weaponized exploits against a wide range of U.S. and European company products.”


WikiLeaks said the information on CIA hacking came from an unidentified source who believes the spy agency’s hacking authorities “urgently need to be debated in public, including whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency.”


This is the latest high-profile leak of information by WikiLeaks, which last fall published emails stolen from Mrs. Clinton’s campaign chairman, John Podesta. U.S. intelligence agencies concluded that Russian government hackers stole those emails and provided them to WikiLeaks.


WikiLeaks said the documents show the CIA’s ability to bypass the encryption of popular messenger applications, including WhatsApp, Signal, Telegram and Confide by hacking the smartphones they run on and collecting audio and message traffic before the applications encrypt the user’s texts.


The site said the documents also show how the CIA developed other mobile hacking technologies, including the ability to activate the camera and microphone of a target’s smartphone covertly and surreptitiously retrieve a target’s geolocation, audio and text communications.


WikiLeaks said one of the documents also shows how the CIA developed a program to hack internet-connected televisions in conjunction with British intelligence. The attacks can place Samsungsmart TVs in a fake off mode, so the owner believes the television is switched off, while in reality it is functioning as a bug and recording conversations in the room, WikiLeaks said.


https://www.wsj.com/articles/wikilea...nts-1488905823

It looks like the question of who "They" are has been answered. As in, "They" can use your TV to spy on you......

WikiLeaks – CIA Can Spy On, Target Anyone Through Everyday Devices, Crash Your Car

Posted on March 8, 2017 by Rick Wells
S


The Tuesday press release by WikiLeaks for their Vault7 CIA document dump included information regarding the activities of the agency in the development of a capability to infect and compromise every day devices which have computer processors in critical areas.

They describe the CIA’s use of malware and hacking tools constructed through their Engineering Development Group (EDG), a software development group within their Center for Cyber Intelligence (CCI), a department belonging to the CIA’s Directorate for Digital Innovation, DDI. The DDI is one of the five major directorates of the CIA. As WikiLeaks’ Julian Assange explains:

The EDG is responsible for the development, testing and operational support of all backdoors, exploits, malicious payloads, trojans, viruses and any other kind of malware used by the CIA in its covert operations world-wide.

The increasing sophistication of surveillance techniques has drawn comparisons with George Orwell’s 1984, but ‘Weeping Angel,’ developed by the CIA’s Embedded Devices Branch (EDB), which infests smart TVs, transforming them into covert microphones, is surely its most emblematic realization.

The attack against Samsung smart TVs was developed in cooperation with the United Kingdom’s MI5/BTSS. After infestation, Weeping Angel places the target TV in a ‘Fake-Off’ mode, so that the owner falsely believes the TV is off when it is on. In ‘Fake-Off’ mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.

As of October 2014 the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks. The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations.”

This brings to mind the case of Michael Hastings, a journalist for BuzzFeed and Rolling Stone, who died under suspicious circumstances in June of 2013. His car, in which he was the sole occupant, was being driven at an uncharacteristically high speed on Highland Ave in Los Angeles, exploding at 4:20 am when it crossed a median and struck a palm tree.

At the time Hastings was working on a profile of CIA director John Brennan for Rolling Stone. It’s doubtful he was filling paragraphs with a superlative-laden documentation of Brennan’s openness and patriotic fidelity to the Constitution. Hastings’s previous 2010 article on General Stanley McChrystal had led to his being removed from his position. Perhaps Brennan sought to test out their new technology on a convenient “volunteer.” Hastings admitted to friends and contacts that he had become very fearful for his safety in the last few weeks of his life, particularly in the last couple of days prior to his odd “accident.” Assange continued, “

The CIA’s Mobile Devices Branch (MDB) developed numerous attacks to remotely hack and control popular smart phones. Infected phones can be instructed to send the CIA the user’s geolocation, audio and text communications as well as covertly activate the phone’s camera and microphone.

Despite iPhone’s minority share (14.5%) of the global smart phone market in 2016, a specialized unit in the CIA’s Mobile Development Branch produces malware to infest, control and exfiltrate data from iPhones and other Apple products running iOS, such as iPads. CIA’s arsenal includes numerous local and remote ‘zero days’ developed by CIA or obtained from GCHQ, NSA, FBI or purchased from cyber arms contractors such as Baitshop. The disproportionate focus on iOS may be explained by the popularity of the iPhone among social, political, diplomatic and business elites.

A similar unit targets Google’s Android which is used to run the majority of the world’s smart phones (~85%) including Samsung, HTC and Sony. 1.15 billion Android powered phones were sold last year. ‘Year Zero’ shows that as of 2016 the CIA had 24 ‘weaponized’ Android ‘zero days’ which it has developed itself and obtained from GCHQ, NSA and cyber arms contractors.

These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by hacking the ‘smart’ phones that they run on and collecting audio and message traffic before encryption is applied.”

It does appear that anything that is part of the so-called “Internet of things” has the potential to be used as a weapon against us. All of this is being done in secret, beyond our reach, without any meaningful supervision and without our knowledge.

http://rickwells.us/wikileaks-cia-spy-target-anyone-everyday-devices-crash-car/

So look who's the target now? When you're doing bad things, you shouldn't bring attention to yourselves, "INTEL" community.

But they did not use any of this on Trump? I think not as well as many thousands of other people all over the world. I think this is the tip of the iceberg here with this spying. It was brought up before about Obama spying on the the heads of other countries but this just may bring it front and center again.