Wikileaks today have released a stash of documents that reveal how the CIA have been using zero day exploits in Android smartphones, iPhones and even smart TVs to spy on people. CIA agents have also been writing trojans, viruses and malware that will let them control not just phones and tablets but PCs running Windows and even more exotic operating systems only usually found in businesses and large institutions such a Solaris Unix and Linux.
The leaked documents reveal how the CIA had been keeping secret the existence of the backdoors that they had discovered and were using despite a 2010 agreement that any vulnerabilities discovered by spying agencies would be given to the tech companies that make the product, so they can patch it. By hoarding details of these backdoors for themselves, the CIA put at risk everyone who uses these products, due to the vulnerability eventually being discovered and used by cyber criminals or other foreign spies.
The documents go on to mention how the CIA has instructions on how to write malware so that it can’t be spotted by antivirus software and also so that there are no coding signatures to identify the software back to the CIA.
The files expose how the CIA can use exploits in both Apples iOS and Google’s Android to turn smartphones into spying devices. These can be remotely controlled to give the agency a phones GPS location, copies of text messages and even switch on the microphones and camera all without the owner of the phone knowing. This also allows them to get around the issue of people using encrypted chat apps such as Skype and Whatsapp by recording the conversations at the handset where they are unencrypted.
It is not just the CIA that the leaked docs reveal has been using consumer technology to spy, a program known as “weeping angel” was co-developed by MI5 in the UK to turn Samsung smart tellies into spying devices by making them appear off but the microphones are switched on and recording the conversations in the room.
Obviously in the modern world it is no surprise that spies have to use technology to get their intel. But in developing their own malware and exploiting unreported software bugs they run the risk of opening everyone who uses the technology not just the bad guys.
To see all 8000+ leaked CIA files head over to the wikileaks website