WikiLeaks Unleashes Massive Trove of CIA Hacking Documents, Saying the Release “Eclipses Snowden Leaks”


[Update]: Apple Just Verified WikiLeaks’ CIA Dump - Samsung Also Responds to the Latest Leaks

WikiLeaks on Tuesday published another massive trove of documents purportedly taken from the Central Intelligence Agency's Center for Cyber Intelligence. Today's release appears to provide an "eye-opening look" at the details of America's cyberespionage toolkit.

WikiLeaks releases thousands of alleged CIA hacking and spying documents

"WikiLeaks begins its new series of leaks on the U.S. Central Intelligence Agency," the organization said in a press release. "Code-named "Vault 7" by WikiLeaks, it is the largest ever publication of confidential documents on the agency."

Intelligence Coup of the Century: How CIA Secretly Sold Compromised Encryption Devices Through a Swiss Company to Over 120 Countries

According to Julian Assange, who is known for making bold comments, today's dump is the most comprehensive release of US spying files ever made public. There are a total of 8,761 documents that account for "the entire hacking capacity of the CIA". Today's release is only the first of a series of "Vault 7" leaks.

The Associated Press reported that it could not immediately authenticate the documents. However, WikiLeaks does have a long track record of releasing top secret government and intelligence documents. "Experts who've started to sift through the material said it appeared legitimate," AP reported. If true, the latest release will be yet another shakeup of an American intelligence agency, following the damning NSA leaks a few years back.

"We do not comment on the authenticity or content of purported intelligence documents," Jonathan Liu, a spokesperson for the CIA, said.

"Year Zero": CIA zero-day attacks against iOS, others

The latest collection of information released by WikiLeaks confirms what was already assumed of the US government's cyber-capabilities. The documents detail how the US government is attacking smartphones (including Android and iOS), PCs, Macs, routers, smart TVs, and more devices to gain intel.

The CIA has developed automated multi-platform malware attack and control systems covering Windows, Mac OS X, Solaris, Linux and more, such as EDB’s ‘HIVE’ and the related ‘Cutthroat’ and ‘Swindle’ tools.

The leak also confirmed that the agency uses many zero day exploits to attack devices. Previously, several tech companies have lamented over the fact that instead of helping companies to make these devices secure, intelligence agencies sit on this information, exposing millions of users to risk.

[Updated] WikiLeaks Not Ready to Share Code with Tech Companies – Google Says “Many” Leaked Android Flaws Are Outdated

"Year Zero" introduces the scope and direction of the CIA's global covert hacking program, its malware arsenal and dozens of "zero day" weaponized exploits against a wide range of U.S. and European company products, include Apple's iPhone, Google's Android and Microsoft's Windows and even Samsung TVs, which are turned into covert microphones.

WikiLeaks added that the agency has created its own NSA inside Langley, "with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified".

According to leaked documents, CIA's hacking division (aka CIA's NSA aka Center for Cyber Intelligence) had over 5000 registered users that had produced more than a thousand hacking systems, trojans, viruses, and other "weaponized" malware.

The site added that despite the iPhone's minority share, the CIA has a specialized unit within CCI that is devoted to developing and obtaining zero-day exploits for iOS devices.

Despite iPhone's minority share (14.5%) of the global smart phone market in 2016, a specialized unit in the CIA's Mobile Development Branch produces malware to infest, control and exfiltrate data from iPhones and other Apple products running iOS, such as iPads. CIA's arsenal includes numerous local and remote "zero days" developed by CIA or obtained from GCHQ, NSA, FBI or purchased from cyber arms contractors such as Baitshop. The disproportionate focus on iOS may be explained by the popularity of the iPhone among social, political, diplomatic and business elites.

The press release further added that the agency focuses on several other platforms too, including attacking Samsung TVs that are turned into covert microphones.

The attack against Samsung smart TVs was developed in cooperation with the United Kingdom's MI5/BTSS. After infestation, Weeping Angel places the target TV in a 'Fake-Off' mode, so that the owner falsely believes the TV is off when it is on. In 'Fake-Off' mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.

Not only Windows, macOS, Linux, and Samsung TVs, the agency was also looking to infect the vehicle control systems used by modern cars and trucks. "The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations."

Agency lost control of its entire cyber weapons arsenal

WikiLeaks claims that the agency has lost control of the "majority of its hacking arsenal."

Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized "zero day" exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.

If the experts do prove that these documents are legit, today's catastrophic breach - which is only a start - could prove to be damning for the CIA.

We will keep our readers updated as in-depth analysis of the leaked documents is shared. The full details of the leak are available on the group’s website.

Apple, Samsung and Google did not immediately respond to a request for comment at the time of writing.