Wikileaks, the whistleblowing new agency has dropped a massive bombshell on the public, shaking up the entire Internet. The organization released Vault 7 this morning, essentially detailing a massive CIA hacking database. The database includes cyber-weapons that amass more lines code than is used to run Facebook.
Prior to the Vault 7 leaks, Wikileaks had teased about an upcoming “Vault 7” leak with a series of cryptic tweets that no one understood. A couple of weeks after the conspiracies had cooled down, Wikileaks had suddenly announced Monday, that they were going to have a live press conference regarding Vault 7 coming Tuesday at 9am.
This morning, Wikileaks published the first of what the organization is calling a multi-part series of documents and files from the Central Intelligence Agency. “The first full part of the series, ‘Year Zero’, comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virgina,” Wikileaks said in their Vault 7 press release.
Vault 7 contains a huge number of documents, some of which are incomplete or redacted, an unusual move from the Wikileaks organization. Instead of releasing CIA officers names, countries targeted, and machines infected, the organization has tagged each user with a unique number identifier (ex. User #524297). “These redactions include tens of thousands of CIA targets and attack machines throughout Latin America, Europe, and the United States,” Wikileaks explained. “While we are aware of the imperfect results of any approach chosen, we remain committed to our publishing model and note that the quantity of published pages already eclipses the total number of pages published over the first three years of the Edward Snowden NSA leaks.”
Within the thousands of pages of documents are an extensive arsenal of documented hacking tools. While Wikileaks has withheld the actual cyber weapons, they have released the documents detailing the capabilities of these weapons. Among the tools listed are an extensive collection of vulnerabilities for iOS, Android zero-days, as well as hacking techniques from various countries. These hacking tools, “permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Weibo, Confide, and Cloackman by hacking the ‘smart’ phones that they run on and collecting audio and message traffic before encryption is applied,” Wikileaks explained. This is not to say the CIA has broken encryption, it’s to highlight that the CIA can intercept any form of digital communication before it can be secured.
Documents reveal the CIA has also obtained hacking techniques from several other countries to ensure that their fingerprint is not found on malware across servers and tied back to them. Allowing the CIA to effectively hack a machine, and make it appear as if it was from another country. There is also detailed documentation on a joint workshop the CIA did with the UK’s MI5 team on a project dubbed “Weeping Angel.” An attack that allowed the agency to turn Samsung Smart TV’s into eavesdropping devices. The program made the TV appear off while it was activated, allowing the agency to eavesdrop on the microphone at any time.
One of the most shocking documents within Vault 7 is the CIA’s possibility of hacking cars. In detailed notes from a branch meeting, the CIA discusses the possibility of infecting the vehicle control systems used by modern cars and trucks. “The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations,” Wikileaks explained.
Many acclaimed experts have already confirmed the authenticity of Wikileaks documents, not that Wikileaks needs confirmation in the first place. It’s also key to note this is only the first leak of a massive multi-part series of leaks.
FreedomHacker will soon begin documenting these tools and documents after scanning them. Please stay patient we will keep you updated.