WikiLeaks announced on Tuesday that it has obtained thousands of files allegedly originating from a high-security network of the U.S. Central Intelligence Agency (CIA).
The huge trove of data, called “Vault 7,” exposed the hacking capabilities of the US Intelligence Agency and its internal infrastructure.
“The first full part of the series, “Year Zero”, comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virgina.” reads the announcement issued by WikiLeaks by Wikileaks.
“Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized “zero day” exploits, malware remote control systems and associated documentation.”
According to Wikileaks, the precious archive appears to have been circulated among former US government experts and contractors in an unauthorized manner. One of them likely provided the files to WikiLeaks.
The archive includes confidential information, malicious codes, and exploits specifically designed to target popular products from various IT companies, including Samsung, Apple, Google, and Microsoft.
The arsenal used by the Central Intelligence Agency hackers was composed of hacking tools developed by the CCI’s Engineering Development Group (EDG).
The developers at EDG are tacked for developing and testing any kind of malicious code, including implants, backdoors, exploits, Trojans and viruses.
The CIA has dozens of zero-day exploit code in its arsenal that can be used to target almost any platform, from Windows and Linux PC, to Android and iOS mobile devices.
“CIA malware and hacking tools are built by EDG (Engineering Development Group), a software development group within CCI (Center for Cyber Intelligence), a department belonging to the CIA’s DDI (Directorate for Digital Innovation).” continues Wikileaks.
WikiLeaks confirmed that it will not release the tools and exploits “until a consensus emerges on the technical and political nature of the CIA’s program and how such ‘weapons’ should analyzed, disarmed and published.”
The leaked documents also revealed that the CIA used hacking tools developed by the British intelligence agencies (GCHQ and MI5), the NSA, the FBI and also contractors.
The documents refer a joint development of the CIA and MI5 for the development of a malware, dubbed Weeping Angel, that was used to compromise Samsung Smart TV.
“The attack against Samsung smart TVs was developed in cooperation with the United Kingdom’s MI5/BTSS. After infestation, Weeping Angel places the target TV in a ‘Fake-Off’ mode, so that the owner falsely believes the TV is off when it is on. In ‘Fake-Off’ mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.” continues Wikileaks.
The leaked files disconcerting scenario, the CIA was in possession of tools that were able to hack almost any platform, from modern vehicles to air-gapped systems.
(Security Affairs – Wikileaks, hacking tools)