Wikileaks released its Vault 7 part 1 of documents related to the CIA’s global hacking force on Tuesday.
— WikiLeaks (@wikileaks) March 7, 2017
The CIA hid its ability to hack start phones and TVs worldwide from makers — Despite Obama’s pledge to reveal these capabilities.
Today, Tuesday 7 March 2017, WikiLeaks begins its new series of leaks on the U.S. Central Intelligence Agency. Code-named “Vault 7” by WikiLeaks, it is the largest ever publication of confidential documents on the agency.
The first full part of the series, “Year Zero”, comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virgina. It follows an introductory disclosure last month of CIA targeting French political parties and candidates in the lead up to the 2012 presidential election.
Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized “zero day” exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.
“Year Zero” introduces the scope and direction of the CIA’s global covert hacking program, its malware arsenal and dozens of “zero day” weaponized exploits against a wide range of U.S. and European company products, include Apple’s iPhone, Google’s Android and Microsoft’s Windows and even Samsung TVs, which are turned into covert microphones.
Since 2001 the CIA has gained political and budgetary preeminence over the U.S. National Security Agency (NSA). The CIA found itself building not just its now infamous drone fleet, but a very different type of covert, globe-spanning force — its own substantial fleet of hackers. The agency’s hacking division freed it from having to disclose its often controversial operations to the NSA (its primary bureaucratic rival) in order to draw on the NSA’s hacking capacities.
By the end of 2016, the CIA’s hacking division, which formally falls under the agency’s Center for Cyber Intelligence (CCI), had over 5000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other “weaponized” malware. Such is the scale of the CIA’s undertaking that by 2016, its hackers had utilized more code than that used to run Facebook. The CIA had created, in effect, its “own NSA” with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified.
In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.
It’s not just the CIA… China loaded Android and Samsung devices with spyware.
According to a FOX Business Network report Chinese manufacturers loaded over 700 million Android devices with spyware.
Software from a Chinese company was found pre-installed in an estimated 700 million Android devices. Pre-installed, meaning it was already on the phone when you bought it.
The spyware was loaded on phones, TV, cars, etc.
The spyware allowed Chinese officials to listen to your phone calls, read all your text messages, steal your family and friends contacts, and even remotely control your devices.
Via Fox Business Network:
Android Police reported on this shocking spyware discovery.
Mobile security is a huge issue, but most consumers tend to think that at least a brand new phone is safe. That assumption may be in error, according to security research firm Kryptowire. In a new report Kryptowire documents the inclusion of software tools collectively called Adups, which allegedly shipped on phones like the Blu R1 HD and other devices sold internationally, including the US market via Amazon and Best Buy.
If true, the report is a damning accusation for the software’s creator Shanghai Adups Technology and its manufacturer and carrier partners. Kryptowire claims that Adups has the capability to collect IMEI data, SMS logs and contents, call logs, contact names, and IP addresses, then send the data back to third party servers in China without notification or permission from users. Said data was collected and encrypted every 24 to 72 hours in the testing phase, then transmitted to two specific IP addresses owned by Adups. Even worse, the software can remotely install new applications with system-level permissions.
Adups bills itself as a company that supplies services for over-the-air software delivery. Though Adups does not exclusively service cell phones (its marketing material includes connected cars, home monitoring equipment, retail sales software, and wearable tech), it claims 700 million active users in over 200 countries. The remote backup and install capabilities of the Adups software aren’t unheard of, but they’re generally available only to manufacturers and carriers, and aren’t usually paired with access to personally identifiable information like contact names.