Wikileaks reveals CIA malware for Android, iOS, Samsung TVs

Whistleblowing organisation Wikileaks has published its latest cache of documents, revealing CIA malware that focuses on Android, iOS devices and smart TVs. Additionally, the documents also show that the CIA has its sights set on vehicle control systems.

According to a summary by Wikileaks, Apple‘s mobile platform was a massive target for the agency.

“Despite iPhone’s minority share (14.5%) of the global smart phone market in 2016, a specialised unit in the CIA’s Mobile Development Branch produces malware to infest, control and exfiltrate data from iPhones and other Apple products running iOS, such as iPads. CIA’s arsenal includes numerous local and remote ‘zero days’ developed by CIA or obtained from GCHQ, NSA, FBI or purchased from cyber arms contractors such as Baitshop,” the whistleblowing group wrote.

“The disproportionate focus on iOS may be explained by the popularity of the iPhone among social, political, diplomatic and business elites.”

The latest Wikileaks documents shed light on the CIA’s malware, targeting Android, iOS and even smart TVs

What about Android, then?

Wikileaks says that a similar unit targets Google’s platform, adding that the agency had 24 “weaponised” zero-day vulnerabilities at its disposal.

And yes, these hacks allowed the CIA to “bypass the encryption of WhatsApp, Signal, Telegram, Weibo, Confide and Cloackman (sic) by hacking the ‘smart’ phones that they run on and collecting audio and message traffic before encryption is applied”.

One of the more startling revelations was the CIA’s ability to hack into smart television sets, turning them into “covert microphones” in the process.

“The attack against Samsung smart TVs was developed in cooperation with the United Kingdom’s MI5/BTSS. After infestation, Weeping Angel [the malware – ed] places the target TV in a ‘Fake-Off’ mode, so that the owner falsely believes the TV is off when it is on. In ‘Fake-Off’ mode the TV operates as a bug, recording conversations in the room and sending them over the internet to a covert CIA server.”

CIA hoarding zero-day security gaps?

The Wikileaks summary claims that, as of October 2014, the agency was also looking at malware for vehicle control systems, ostensibly with assassinations in mind.

Traditional desktop users were also a focus for the CIA, with Wikileaks claiming the agency was running a “very substantial effort” to infect Windows users. Mac, Linux and Solaris users weren’t left out of the cold either, with the agency developing “automated multi-platform malware attack and control systems”, according to the whistleblowing organisation.

The organisation also noted that the CIA was “hoarding” vulnerabilities instead of disclosing them to manufacturers. This was despite the Obama administration’s assurance to the US tech industry that vulnerabilities found after 2010 would be disclosed.

Featured image: Christine und Hagen Graf via Flickr (CC 2.0, resized)