Subscriber Discussion

Wikileaks Releases Info On CIA IOT Hacking Software

U
Undisclosed #1
Mar 07, 2017
IPVMU Certified

Wikileaks Vault7: CIA Hacking Tools Revealed

From the NY Times

WikiLeaks on Tuesday released thousands of documents that it said described sophisticated software tools used by the Central Intelligence Agency to break into smartphones, computers and even Internet-connected televisions...

The initial release, which WikiLeaks said was only the first part of the document collection, included 7,818 web pages with 943 attachments, the group said. The entire archive of C.I.A. material consists of several hundred million lines of computer code, it said.

The code is not being released, yet that is...

It said it was not releasing the computer code for actual, usable cyberweapons “until a consensus emerges on the technical and political nature of the C.I.A.’s program and how such ‘weapons’ should be analyzed, disarmed and published.”

But the sheer number of zero-day exploits are enough to make bashis blush:

...its malware arsenal and dozens of ‘zero day’ weaponized exploits against a wide range of US and European company products."

It added that the products included Apple's iPhone, Google's Android and Microsoft's Windows and even Samsung TVs, "which are turned into covert microphones”.

Thoughts?

UM
Undisclosed Manufacturer #2
Mar 07, 2017

But...but...you said there was going to be freedom from tyranny?

(1)
(3)
U
Undisclosed #3
Mar 07, 2017

And you guys are scared of Hikvision Cameras? :D

(1)
(2)
JH
John Honovich
Mar 07, 2017
IPVM

#1, thanks for sharing. I added the primary source at the top of your OP - Wikileaks Vault7: CIA Hacking Tools Revealed

No IP camera / video surveillance references that I could find.

However, most interesting / related element was the Samsung Smart TV:

"Weeping Angel", developed by the CIA's Embedded Devices Branch (EDB), which infests smart TVs, transforming them into covert microphones, is surely its most emblematic realization....

After infestation, Weeping Angel places the target TV in a 'Fake-Off' mode, so that the owner falsely believes the TV is off when it is on. In 'Fake-Off' mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.

As for U3's joke about Hikvision, the two most powerful / scary hacking outfits are the Chinese and US governments so I am not sure how this leak about them turning a smart TV into a covert surveillance device should make any video surveillance professional feel better.

Once Hikvision has Hik Connect on and active inside numerous houses and businesses, it too will become a tempting system to hack / listen in on.

 

(3)
Avatar
Joseph Marotta
Mar 08, 2017
IPVMU Certified

I'm all for unplugging TV sets when not in use.  

And truth be told, I never fully trusted my i(spy)Phone!

New discussion

Ask questions and get answers to your physical security questions from IPVM team members and fellow subscribers.

Newest discussions