wikileaks reveals CIA hacking tools

[Bsmith]

source: https://wikileaks.org/ciav7p1/

 

 

It has been done!

wikileaks got their hands on a compresive list of CIA tools used to break into computers, phones and other systems across the globe.

Down below there will be a few quoted pieces from the source, this is quite a major finding if you ask me.

 

Title: Press release

Quote

Today, Tuesday 7 March 2017, WikiLeaks begins its new series of leaks on the U.S. Central Intelligence Agency. Code-named "Vault 7" by WikiLeaks, it is the largest ever publication of confidential documents on the agency.

The first full part of the series, "Year Zero", comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA's Center for Cyber Intelligence in Langley, Virgina. It follows an introductory disclosure last month of CIA targeting French political parties and candidates in the lead up to the 2012 presidential election.

Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized "zero day" exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.

"Year Zero" introduces the scope and direction of the CIA's global covert hacking program, its malware arsenal and dozens of "zero day" weaponized exploits against a wide range of U.S. and European company products, include Apple's iPhone, Google's Android and Microsoft's Windows and even Samsung TVs, which are turned into covert microphones.

Since 2001 the CIA has gained political and budgetary preeminence over the U.S. National Security Agency (NSA). The CIA found itself building not just its now infamous drone fleet, but a very different type of covert, globe-spanning force — its own substantial fleet of hackers. The agency's hacking division freed it from having to disclose its often controversial operations to the NSA (its primary bureaucratic rival) in order to draw on the NSA's hacking capacities.

By the end of 2016, the CIA's hacking division, which formally falls under the agency's Center for Cyber Intelligence (CCI), had over 5000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other "weaponized" malware. Such is the scale of the CIA's undertaking that by 2016, its hackers had utilized more code than that used to run Facebook. The CIA had created, in effect, its "own NSA" with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified.

In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA's hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.

Once a single cyber 'weapon' is 'loose' it can spread around the world in seconds, to be used by rival states, cyber mafia and teenage hackers alike.

Julian Assange, WikiLeaks editor stated that "There is an extreme proliferation risk in the development of cyber 'weapons'. Comparisons can be drawn between the uncontrolled proliferation of such 'weapons', which results from the inability to contain them combined with their high market value, and the global arms trade. But the significance of "Year Zero" goes well beyond the choice between cyberwar and cyberpeace. The disclosure is also exceptional from a political, legal and forensic perspective."

Wikileaks has carefully reviewed the "Year Zero" disclosure and published substantive CIA documentation while avoiding the distribution of 'armed' cyberweapons until a consensus emerges on the technical and political nature of the CIA's program and how such 'weapons' should analyzed, disarmed and published.

Wikileaks has also decided to redact and anonymise some identifying information in "Year Zero" for in depth analysis. These redactions include ten of thousands of CIA targets and attack machines throughout Latin America, Europe and the United States. While we are aware of the imperfect results of any approach chosen, we remain committed to our publishing model and note that the quantity of published pages in "Vault 7" part one (“Year Zero”) already eclipses the total number of pages published over the first three years of the Edward Snowden NSA leaks.

 

Title: CIA malware targets Windows, OSx, linux, routers

Quote

The CIA also runs a very substantial effort to infect and control Microsoft Windows users with its malware. This includes multiple local and remote weaponized "zero days", air gap jumping viruses such as "Hammer Drill" which infects software distributed on CD/DVDs, infectors for removable media such as USBs, systems to hide data in images or in covert disk areas ( "Brutal Kangaroo") and to keep its malware infestations going.

Many of these infection efforts are pulled together by the CIA's Automated Implant Branch (AIB), which has developed several attack systems for automated infestation and control of CIA malware, such as "Assassin" and "Medusa".

Attacks against Internet infrastructure and webservers are developed by the CIA's Network Devices Branch (NDB).

The CIA has developed automated multi-platform malware attack and control systems covering Windows, Mac OS X, Solaris, Linux and more, such as EDB's "HIVE" and the related "Cutthroat" and "Swindle" tools, which are described in the examples section below.

 

Title: CIA 'hoarded' vulrnabilities ("zero days")

Quote

In the wake of Edward Snowden's leaks about the NSA, the U.S. technology industry secured a commitment from the Obama administration that the executive would disclose on an ongoing basis — rather than hoard — serious vulnerabilities, exploits, bugs or "zero days" to Apple, Google, Microsoft, and other US-based manufacturers.

Serious vulnerabilities not disclosed to the manufacturers places huge swathes of the population and critical infrastructure at risk to foreign intelligence or cyber criminals who independently discover or hear rumors of the vulnerability. If the CIA can discover such vulnerabilities so can others.

The U.S. government's commitment to the Vulnerabilities Equities Process came after significant lobbying by US technology companies, who risk losing their share of the global market over real and perceived hidden vulnerabilities. The government stated that it would disclose all pervasive vulnerabilities discovered after 2010 on an ongoing basis.

"Year Zero" documents show that the CIA breached the Obama administration's commitments. Many of the vulnerabilities used in the CIA's cyber arsenal are pervasive and some may already have been found by rival intelligence agencies or cyber criminals.

As an example, specific CIA malware revealed in "Year Zero" is able to penetrate, infest and control both the Android phone and iPhone software that runs or has run presidential Twitter accounts. The CIA attacks this software by using undisclosed security vulnerabilities ("zero days") possessed by the CIA but if the CIA can hack these phones then so can everyone else who has obtained or discovered the vulnerability. As long as the CIA keeps these vulnerabilities concealed from Apple and Google (who make the phones) they will not be fixed, and the phones will remain hackable.

The same vulnerabilities exist for the population at large, including the U.S. Cabinet, Congress, top CEOs, system administrators, security officers and engineers. By hiding these security flaws from manufacturers like Apple and Google the CIA ensures that it can hack everyone &mdsh; at the expense of leaving everyone hackable.

 

 

this is big and drastic, besides what I named there is also a piece which claims that the US consulate in frankfurt(Germany) is actually a base for CIA hacker's within europe, the middle east and africa.

as always it's hard to tell how much is true since it is wikileaks, but then again I wouldn't be amazed if this is all true, it's the CIA afterall, which has a "reasonable" reputation for acting outside US borders.

[TidaLWaveZ]

Nah, the American Administration would never allow something like this to happen. Soike 

 

[Bsmith]

Just now, TidaLWaveZ said:

Nah, the American Administration would never allow something like this to happen. Soike 

 

I would like to refer you to the CIA project MKUltra from the 1950's.

https://en.wikipedia.org/wiki/Project_MKUltra

which was carried out in france, without knowledge of any US official, french official nor local/international authorities.
they basicly experimented with LSD on a french village to see if they could use it as mind control/truth serum(not technically correct explanation)

[Tech_Dreamer]

C.I.AAyyy....

 

[TidaLWaveZ]

Just now, Bsmith said:

I would like to refer you to the CIA project MKUltra from the 1950's.

https://en.wikipedia.org/wiki/Project_MKUltra

which was carried out in france, without knowledge of any US official, french official nor local/international authorities.
they basicly experimented with LSD on a french village to see if they could use it as mind control/truth serum(not technically correct explanation)

I think you missed the "soike "

 

The US Gov is notorious for lying, in fact a lot of times they admit it decades later like the time they faked the gulf of Tonkin incident.

[Castdeath97]

Okay, this also goes in my list of "Why it is stupid to have loopholes".

[Bsmith]

Just now, TidaLWaveZ said:

I think you missed the "soike "

 

The US Gov is notorious for lying, in fact a lot of times they admit it decades later like the time they faked the gulf of Tonkin incident.

excuse me for that kind sir!

[arbellason55]

Want to hear a joke?

 

 

 

 

 

 

 

 

 

 

 

Privacy

[Zodiark1593]

If it runs code, it can be hacked. No new news. It's not as though any of us were expecting the CIA to twiddle their thumbs all day. The above merely confirms this. 

[Delicieuxz]

14 minutes ago, Bsmith said:

I would like to refer you to the CIA project MKUltra from the 1950's.

https://en.wikipedia.org/wiki/Project_MKUltra

which was carried out in france, without knowledge of any US official, french official nor local/international authorities.
they basicly experimented with LSD on a french village to see if they could use it as mind control/truth serum(not technically correct explanation)

 

6 minutes ago, TidaLWaveZ said:

I think you missed the "soike "

 

The US Gov is notorious for lying, in fact a lot of times they admit it decades later like the time they faked the gulf of Tonkin incident.

 

There's also the CIA's use of pufferfish toxin to cause heart attacks as an assassination tool.

 

Reporter Udo Ulfkotte, Who Exposed Governments Creating Fake News War Propaganda, Found Dead

Vitaly Churkin, Russia's ambassador to UN, dies suddenly at 64

 

 

The Real Drug Lords: A brief history of CIA involvement in the Drug Trade

The USA's Overthrowing of other people’s governments: The Master List

Anonymous Leaks to the WashPost About the CIA’s Russia Beliefs Are No Substitute for Evidence

 

The CIA is an organization of evil people.

[stratege1401]

yep, i assure you the russian, franch, canadian, chinese, potuges, spannish, romanian, mexican, africaans .... have the same. 

Now, the reel problem is the usage of those tools.

 

with reels powers, come great responsability !!!

Maybee someone should tell this to D.T

[Sir Asvald]

I read Wikipedia instead of WikiLeaks.. 

[dfsdfgfkjsefoiqzemnd]

2 hours ago, Bsmith said:

as always it's hard to tell how much is true since it is wikileaks

Seeing as they have a very good track record (almost everything they published has been verified one way or another), I have no doubt that it is true.  I have more faith in Wikileaks than in the various governments whose shady practices keep getting exposed.

 

 

 

The big issue IMO is this :

2 hours ago, Bsmith said:

In the wake of Edward Snowden's leaks about the NSA, the U.S. technology industry secured a commitment from the Obama administration that the executive would disclose on an ongoing basis — rather than hoard — serious vulnerabilities, exploits, bugs or "zero days" to Apple, Google, Microsoft, and other US-based manufacturers.

Instead of disclosing these vulnerabilities, they kept them to themselves so they could keep exploiting them.  That puts everyone at risk. 

[samcool55]

16 minutes ago, Captain Chaos said:

The big issue IMO is this :

Instead of disclosing these vulnerabilities, they kept them to themselves so they could keep exploiting them.  That puts everyone at risk. 

Yup, they even let pedophiles go just to protect their tools.

https://www.documentcloud.org/documents/3482329-Michaud-motion-to-dismiss.html#document/p2/a341591

 

Which is like... wtf?

First they yell to everyone they do this sh*t to stop terrorists and pedophiles and when they finally catch one they let him go because they don't want people to know how they spy on everyone...

[SpaceGhostC2C]

1 hour ago, Captain Chaos said:

The big issue IMO is this :

Instead of disclosing these vulnerabilities, they kept them to themselves so they could keep exploiting them.  That puts everyone at risk. 

We are past mere risk by now since

Quote

Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized "zero day" exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.

which means that we can replace "CIA" with "who knows how many people"... 

[SCHISCHKA]

I was just reading this on RT https://www.rt.com/news/379724-wikileaks-assange-cia-hacking/

Quote

In WikiLeaks’ analysis of ‘Year Zero’ it detailed ‘Weeping Angel’, a surveillance technique which infiltrates smart TV’s, transforming them into microphones.

this has been suspected for ages. how many boardrooms have I been in that has had a samsung smart TV? I should start a business removing microphones from smart TVs but then my time would be consumed dealing with tin hat weirdos

[Shakaza]

Oh boy, this is juuuuust great. At least we might have some exploits the CIA hoarded fixed now. That's something, I guess?

[WMGroomAK]

7 minutes ago, SCHISCHKA said:

I was just reading this on RT https://www.rt.com/news/379724-wikileaks-assange-cia-hacking/

this has been suspected for ages. how many boardrooms have I been in that has had a samsung smart TV? I should start a business removing microphones from smart TVs but then my time would be consumed dealing with tin hat weirdos

I was reading that in the Ars Technica article and was thinking 'Boy am I glad I didn't spend extra for a Smart TV'.  Honestly don't know why people would get a Smart TV with some of the bad UIs that they slap on them, except for the push by the manufacturers...

[Guest Kloaked]

1 minute ago, WMGroomAK said:

I was reading that in the Ars Technica article and was thinking 'Boy am I glad I didn't spend extra for a Smart TV'.  Honestly don't know why people would get a Smart TV with some of the bad UIs that they slap on them, except for the push by the manufacturers...

Samsung's UI isn't too bad, at least for the 4k one that I have. Works like a charm.

[SCHISCHKA]

9 minutes ago, WMGroomAK said:

I was reading that in the Ars Technica article and was thinking 'Boy am I glad I didn't spend extra for a Smart TV'.  Honestly don't know why people would get a Smart TV with some of the bad UIs that they slap on them, except for the push by the manufacturers...

you get netflix without having to buy android or apple tv, thats all it really is. You dont really need the microphone. You get skype so you can have a video call like in back to the future. The controversy when it came out was your microphone at anytime would send voice recordings to samsung or google servers so this wikileaks release has always been assumed would happen eventually

 

 

[ashypanda]

this is why i never remove my tin foil hat, as while they may see what's on my computers and phone, they'll never get my thoughts or subject me to mind control.

[JoseGuya]

And the American public reaction is: Apathy. 

 

Why  Americans are not rioting in the streets demanding the head of everyone  in Washington, is beyond me. 

[Cheezdoodlez]

36 minutes ago, SCHISCHKA said:

I was just reading this on RT https://www.rt.com/news/379724-wikileaks-assange-cia-hacking/

this has been suspected for ages. how many boardrooms have I been in that has had a samsung smart TV? I should start a business removing microphones from smart TVs but then my time would be consumed dealing with tin hat weirdos

I read that. And it got me wonder. I have a smart TV from samsung, but to my knowledge it has no microphone. And I was just checking I cant find any indication on the TV-settings or the remote that tells me otherwise. 

So that would mean I would be safe from that atleast? Of course they can be listening in on my phone or computer instead but atleast the TV aspect should be fine?

[SCHISCHKA]

1 minute ago, Cheezdoodlez said:

I read that. And it got me wonder. I have a smart TV from samsung, but to my knowledge it has no microphone. And I was just checking I cant find any indication on the TV-settings or the remote that tells me otherwise. 

So that would mean I would be safe from that atleast? Of course they can be listening in on my phone or computer instead but atleast the TV aspect should be fine?

I dont want to be the cause of panic but we dont know what we dont know. If you have no mic or camera then they can only spy on what you are sending/receiving over the network. My trick is to flood them with cat photos and videos. They have to go through a lot of pussy to spy on me

[DarkBlade2117]

23 minutes ago, JoseGuya said:

And the American public reaction is: Apathy. 

 

Why  Americans are not rioting in the streets demanding the head of everyone  in Washington, is beyond me. 

Because it hasn't reached Fox and CNN yet, where every 40+ year old spends their mornings and nights/evenings