WikiLeaks has published a new set of documents that shed light on the CIA’s hacking capabilities. Dubbed “Vault7,” the publication contains 8,761 documents and files purportedly taken from a secure network within the CIA’s headquarters at Langley, Virginia. The documents describe a number of remote exploits and hacking tools, similar to the NSA’s ANT catalog published by Der Spiegel in 2013.
The files contain numerous exploits for both iOS and Android devices, dating from between 2014 and 2016. The agency seems to have had more success targeting Android devices, with roughly 24 weaponized exploits, compared to 14 for iOS. The exploits come from a variety of sources, including partner agencies like the NSA and GCHQ or private exploit traders. In one case, a published iOS 8 kernel attack is listed as an exploit, credited to security researcher Stefan Esser.
Another of the published exploits — codenamed “Weeping Angel” — appears to target Samsung smart TVs, which drew criticism on release for their always-on voice command system. According to WikiLeaks, the exploit makes the television “operate as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.” The documents themselves paint a more ambiguous picture, with possible applications focusing on credential extraction rather than direct audio recording.
Today’s release is one of the few WikiLeaks publications to include redactions, erasing the IP addresses and other identifying information of many devices targeted by the CIA. WikiLeaks has been criticized in the past for failing to redact sensitive information, including the medical files of rape victims.
“While we are aware of the imperfect results of any approach chosen, we remain committed to our publishing model,” the post explains, “and note that the quantity of published pages in ‘Vault 7’ part one already eclipses the total number of pages published over the first three years of the Edward Snowden NSA leaks.”