As if we weren’t concerned enough about evil-doers hacking our smart-home devices, WikiLeaks revealed today that the CIA has been hacking into consumer iOS, Android and Windows devices, as well as Samsung smart TVs for the past several years.
The accusations of CIA hacking were culled from a trove of documents code-named “Vault 7″ by WikiLeaks.
WikiLeaks points to a group within the CIA, called EDG (Engineering Development Group), that develops CIA malware and hacking tools for the agency:
The EDG is responsible for the development, testing and operational support of all backdoors, exploits, malicious payloads, trojans, viruses and any other kind of malware used by the CIA in its covert operations world-wide.
While it’s no secret that the CIA routinely hacks networks and devices of citizens and governments, WikiLeaks says these newly revealed breaches are the “most emblematic realization” of George Orwell’s 1984.
In particular, the news organization cites malware called “Weeping Angel,” which “infests smart TVs, transforming them into covert microphones.”
Weeping Angel, allegedly developed “in cooperation” with the UK’s MI5/BTSS, was used to attack Samsung smart TVs, starting in 2014, according to WikiLeaks:
After infestation, Weeping Angel places the target TV in a 'Fake-Off' mode, so that the owner falsely believes the TV is off when it is on. In 'Fake-Off' mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.
WikiLeaks reports the CIA also has technology to infect vehicle control systems in modern-day cars and trucks, allowing the agency to “engage in nearly undetectable assassinations.”
Mobile devices, too, are subject to CIA hacking, according to WikiLeaks: “Infected phones can be instructed to send the CIA the user's geolocation, audio and text communications as well as covertly activate the phone's camera and microphone.”
The CIA tools, WikiLeaks says, “permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by hacking the ‘smart’ phones that they run on and collecting audio and message traffic before encryption is applied.”
So the million-dollar question is: Does Trump have a Samsung TV?
Read more from WikiLeaks on “Vault 7”
Here’s the direct link to the Samsung TV “Weeping Angel” hack, which is excerpted below.
Weeping Angel (Extending) Engineering Notes
SECRET // REL USA,UK
Accomplishments during joint workshop with MI5/BTSS (week of Jun 16, 2014)
- Discovered delete and download keyfiles are sensitive to any newline characters.
- Found configuration file and setting that manages automatic updates.
- Added feature to periodically re-acquire alsa (audio) device while in Fake-Off mode.
- Suppress LEDs to improve look of Fake-Off mode.
- Ported and modified TinyShell to provide shell, command execution, file transfer. This version is known as pshell since it's shell functionality is really a wrapper around popen() calls to emulate shell like functionality.
- Added feature to prevent updates (an iptables rule — ported iptables application to this platform).
- Received sanitized source code from UK with comms and encryption removed.
- Tested on firmware versions 1111, 1112, and 1116 and characterized various recording qualities (wrt file size) and noise cancellation.
Factory reset: With TV powered off, enter the following key presses on the remote:
{{MUTE}} 182 {{POWER}}
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!