WikiLeaks’ latest release from the Vault 7 series of CIA leaks, sheds more light on how ordinary people can be easily tracked and targeted by the US intelligence agency through everyday electronic devices.
Since March 7, WikiLeaks has revealed CIA hacking techniques used to weaponize mobile phones, conduct surveillance via smart TVs, and load and execute malware on a ‘target machine’. In light of Thursday’s 20th release from Vault 7, lets look back at the most explosive revelations from the CIA’s hacking arsenal, showing how the intelligence agency could spy on you in your own home.
Home Security Systems
The ‘Dumbo’ program is purportedly designed to manipulate home security systems, altering the functionality of webcams and microphones on Microsoft Windows-operating systems and corrupting video recordings.
WikiLeaks suggested that this allows the operator to create fake – or destroy real – evidence of their intrusion into the device.
Many of the exploits revealed through the leaked Vault 7 documents appear designed to target ordinary individuals through commonly used devices.
The CIA allegedly has access to a range of tools that even target Samsung TVs under its ‘Weeping Angel’ program. The project involves infiltrating the smart TVs to transform them into covert microphones, which can record and store audio.
Google’s Android operating system was found to have 24 ‘zero days’ – the codename used by the CIA for tools to identify and exploit vulnerabilities and secretly collect data on individuals.
The OS is used in 85 percent of the world’s smart phones, including Samsung and Sony.
By exploiting gaps in the OS, it’s possible to access data from social messaging platforms, including WhatsApp, Weibo, Telegram and Signal before encryption is applied.
Another program appears specifically designed to target mobile devices running Android 4.0 to 4.3, allowing a third party to intercept and redirect SMS messages.
Apple products are not immune to the CIA’s hacking tools either. In fact, Vault 7 revealed a specific division dedicated to the hacking of Apple devices .
A tool known as ‘NightSkies’ specifically targets Apple products including the iPhone and Macbook Air. It purportedly even allows the CIA to infiltrate factory-fresh iPhones and track and control them remotely, providing “full remote command and control.”
WiFi can be easily exploited by the agency for spying, according to a number of leaks. One program called Cherry Blossom allegedly targets WiFi devices to monitor, control and manipulate the Internet traffic of connected users. No physical access is needed to implant the firmware on a wireless device, as some devices allow their firmware to be upgraded over a wireless link.
Another malware called Elsa tracks WiFi-enabled devices running Microsoft Windows, allowing the CIA to gather location data on a target’s device and monitor their patterns and habits. The malware allows the CIA to track the geo-location of wifi-enabled devices even when they are not connected to the internet.
Most of the malware referenced throughout the leaks is designed for use on the widely popular Microsoft Windows operating systems.
Many of these programs focus on uploading the malware via removable devices such as USB drives. Some, such as the ‘brutal kangaroo’ project, are designed to hide themselves from detection, and can even infect devices that have never been connected to the internet by air gap jumping.