Wednesday, 08 March 2017 07:16

Windows, iOS, Android, Samsung, Linux under threat after Vault 7 dump Featured


The release of a huge number of CIA documents by WikiLeaks overnight puts many of the common software and gadgets used around the world at risk.

There is code in the release for attacks on Microsoft's Windows, Apple's iOS, macOS and OS x, Google's Android, Linux and Samsung TVs.

The hacking and malware tools are built by the Engineering Development Group, a department of the CIA's Directorate for Digital Innovation. This is one of the five major directorates of the CIA.

The exploit to listen in through Samsung TVs has been dubbed Weeping Angel and was developed with Britain's MI5/BTSS, WikiLeaks said.

"After infestation, Weeping Angel places the target TV in a 'Fake-Off' mode, so that the owner falsely believes the TV is off when it is on. In 'Fake-Off' mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server," it said.

The agency's Mobile Devices Branch had developed numerous attacks to remotely hack into and take over popular smartphones; the location of the owner, audio and text communications could be snooped on, while the phone's camera and microphone could be covertly activated.

The iPhone had 14.5% of the global smartphone market in 2016, but the CIA had a specialised unit to develop attack tools for this device, probably because it was popular among diplomatic, social, political and business elites, WikiLeaks said.

A similar unit was focused on Google's Android operating system which has nearly all of the remaining market share.

"Year Zero shows that as of 2016 the CIA had 24 'weaponized' Android 'zero days' which it has developed itself and obtained from GCHQ, NSA and cyber arms contractors.

"These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Weibo, Confide and Cloackman by hacking the smartphones that they run on and collecting audio and message traffic before encryption is applied."

The material released shows a huge effort to control Windows users with malware, including numerous local and remote weaponised zero-day exploits, and air gap jumping viruses like Hammer Drill which is used to collect information from CDs/DVD.

There are also exploits for routers, infectors for removable media like flash drives, systems for steganography (hiding data in images) or in covert disk areas.

WikiLeaks said the CIA had built automated multi-platform malware attack and control systems for Windows, Linux, OS X, Solaris and other operating systems.

One of the tools described is HIVE; it contains customisable implants for Windows, Solaris,s MikroTik (routers), and Linux and a command and control infrastructure to communicate with the software after it is placed on targets.


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments