Whistleblower website Wikileaks has posted thousands of documents of which the website claims they come from an internal network inside the CIA office in Langley. The documents contain extensive information about the hack software used by the CIA to hack iOS, Android and Windows devices, but also Samsung smart TVs.
The leak is called ‘Year Zero’ by Wikileaks and consists of 8,761 documents. According to Wikileaks it’s the first part of a series titled ‘Vault 7’.
The whistleblower website claims that the CIA recently lost control over a large part of its hack software. A collection of malware, viruses and hack software would circulate amongst government hackers and contractors. One of these persons has leaked the documents, according to Wikileaks, who keeps the identity of the person confidential.
The CIA has told the New York Times it won’t respond and the authenticity of the documents haven’t been verified.
The documents reveal the large scale on which the CIA uses its hacking possibilities. There are instructions on how to hack iOS, Android and Windows devices and one document also provides instructions on how to use a Samsung smart TV as a microphone for eavesdropping. Other documents show how the CIA has software to install keyloggers on frequently used devices so they can see exactly what an user typed, other instructions show how the CIA can by bypass known antivirus suites.
The American consulate in Frankfurt, Germany would be the European headquarters of the CIA to spy on European, African and Middle East targets.
Wikileaks received the documents as the source of the leak is worried about the wide range of hacking possibilities of the CIA. The source wonders whether the secret service goes beyond what it is allowed to do and wants to start a discussion, according to Wikileaks.
The documents also reveal that the CIA collects zero-day leaks and doesn’t report them to the developers of the software, while the Obama administration promised to do this more often.
Wikileaks has censored some information in the documents including names and email addresses, also attachments, possibly including the hack software itself haven’t been published.