On Tuesday, 7 March, WikiLeaks released a collection of documents said to be leaked from the U.S. Central Intelligence Agency. The collection is said to be the largest publication of confidential documents on the agency ever, and it is codenamed “Vault 7”. According to WikiLeaks, the CIA has lost control over the major developments in its hacking arsenal, “Year Zero”, which includes malware, trojans, remote control systems and their supporting documentation.
These more than 70 million lines of code are capable of hacking a wide range of devices and intruding on anyone’s privacy. As per the report, these tools have the capability to hack into iOS, Android and Windows devices. Moreover, they can hack into Samsung Smart TVs as well, converting them into covert microphones.
WikiLeaks dump of CIA Hacking Tools
All these tools are said to be armed, which means they can protect themselves from external sources: they may either self-destruct or refuse to operate if not used properly. None of the tools themselves have been publicly released by WikiLeaks, but the supporting documentation has been. The documentation reveals the existence of such tools and what they are capable of. The collection of documents belongs to various branches of the CIA organization.
The documentation not only includes information about the tools being developed but also contains tutorials on installing software, meeting notes and references to other hacking and common tools.
I was just going through the leaked documentation and realized that a tutorial was entirely similar to what I’ve already seen on the internet. A tutorial on Android Reverse Tethering was entirely similar to a post on XDA forums, but there were comments and modifications in the leaked document.
Here are some facts taken from the WikiLeaks release:
- The CIA has developed a program called “Weeping Angel” that targets Smart TVs. It can convert Samsung Smart TVs into covert microphones. The TV is put into a fake off mode, and audio is collected in the background and sent to CIA servers over the internet.
- There is a specific rule set that CIA hackers follow while writing programs. “TRADECRAFT DO’s AND DON’Ts” is the document containing rules on how malware should be written to protect it from antivirus software. It is also reported that the hackers have successfully developed methods to defeat most popular antivirus products. Comodo was said to be defeated by placing malware in the recycle bin.
- An automated multi-platform tool has been developed for penetration, infestation, control and exfiltration. “HIVE” provides customizable implants for different operating systems that communicate back to CIA servers over an HTTPS connection.
- A group called UMBRAGE collects and improves a repository of hacking software taken from other sources. The only purpose of using someone else’s hacking tools and code is to leave false footprints. The tools include common keyloggers, antivirus avoidance programs, stealth techniques, etc. By using UMBRAGE programs, the CIA can not only attack in different ways but also misdirect the victim about who the attacker is.
There is an entire section in the documentation that covers popular antivirus programs. Although these pages have been marked secret, they are to be revealed when it is safer to do so. According to the report, the hackers at the CIA have achieved evasion of antivirus software.
More about documentation
There are a lot of other programs and a lot of supporting documentation. You can go through them all, and you will certainly learn a lot from them. Many revelations have been based upon these documents and programs obtained by WikiLeaks. For instance, this organizational chart has been based upon these documents and still includes a lot of question marks. The real organizational structure of the CIA is still unknown.
Everything you read in these documents has been vetted by WikiLeaks. Parts of these documents have been hidden and replaced, and some documents are marked as Secret. Most of the names, identities and other sensitive information have been redacted. All the IP addresses and ports have also been replaced with dummy content.
A lot more information about these documents has been kept secret by WikiLeaks. At some point you may begin to doubt that such tools and hacks exist. That is completely up to you, but as a personal opinion, I feel that these tools have always existed. They’ve just been behind the curtains.
As per WikiLeaks, these documents are dated between the years 2013 and 2016. No information about the source has been revealed yet. Once the tools are disarmed and safer to share, WikiLeaks says it will release them.
The WikiLeaks press release also discusses the proliferation risks involved in these hacking tools. These excerpts from the release explain the concern:
- While nuclear proliferation has been restrained by the enormous costs and visible infrastructure involved in assembling enough fissile material to produce a critical nuclear mass, cyber ‘weapons’, once developed, are very hard to retain.
- Cyber ‘weapons’ are in fact just computer programs which can be pirated like any other. Since they are entirely comprised of information, they can be copied quickly with no marginal cost.
- Once a single cyber ‘weapon’ is ‘loose’, it can spread around the world in seconds, to be used by peer states, cyber mafia and teenage hackers alike.
So, the proliferation of these tools (if they exist) should not happen at all, and a solution should be found as soon as possible. The existence of such tools also raises the question of the flaws currently present in the systems we use. They’ve been discovered by the CIA, and there is a possibility that the same flaws can be discovered by individual hackers and other companies.
According to the report, the CIA can hack into your iOS and Android device, which means there is some weakness that lets the hackers in. And that means our mobile phones are not safe enough.
So this was all about “Vault 7” and “Year Zero” in the simplest terms. If you understand technical terms and some code, then you should go ahead and have a look at the documents. It is the greatest collection of technical articles and content I’ve ever seen. You can learn more about all the tools available for different platforms from the documentation.