Hacking Smartphones Is A Game For CIA, Reveals WikiLeaks

Last updated: July 5, 2023 Reading time: 5 minutes
Disclosure
Share
wikileaks-cia-smartphone-hacking

Wikileaks released a trove of files on Tuesday that confess about the CIA’s expertise on hacking your smartphones. According to the documents, CIA has a library of software attacks which can access to your smartphones and Apple iPhone, including those which could have a complete hold of your device.

The wide range of alternative access opportunities is provided by the attacks. Some give the sole power to the attacks by giving the control over “Kernel”  which is the head of operating system for a smartphone, or at least to have a so-called “root” access, meaning to have large control over the files and software processes. Information like geolocation, communications, contacts, and more could be accessed by this technique. This could be helpful in targeted hacking instead of extended surveillance. However, one document reads a process by which specific unit within CIA “develops software exploits and implants for high priority target cell phones for intelligence collection.”

The Wikileaks documents further include detailed charts showing the probability of certain attacks which could be done by CIA on different types of cell phones and operating systems, including recent versions of iOS and Android – in addition to the attacks CIA has collected from other, public sources of Malware.

The documents indicates that except the exploits allegedly developed by the CIA, some were also discovered and released by cyber security companies, hacker groups, and independent researchers which were then purchased, downloaded or otherwise borrowed by the CIA or other members of the intelligence community counting  FBI, NSA, and the NSA’s British counterpart GCHQ.

Shamoon, a borrowed attack is an infamous computer virus for stealing data and then fully impairing the hardware. Persistence, a tool founded by CIA is capable of giving the agency command over the device whenever it boots up again. Swamp monkey is another acquired attack by CIA, helps to get root access to the undisclosed android devices.

https://twitter.com/pwnallthethings/status/839138010151079937

Former GCHQ analyst Matt Tait, tweeted “This is a very impressive list.” Viewing some of the attacks still to be viable.

Matt Green, the cryptographer at Johns Hopkins University, agrees with the fact that the leak was impressive but thinks that there were not many technically surprising hacks. This deficit of originality may have originated from a desire on the part of the agency to avoid detection, judging from one document of the trove, in which Equation group, an NSA hacking toolkit, and its public exposure is discussed by an apparent CIA personnel.

The iOS hacking chart, one of the Wikileaks documents show that also an FBI hacking division, the Remote Operations Unit, has also been working on to discover a way through to iPhone. While investigating the slayer of a mass shooting in San Bernardino last February, the FBI attempted argued in the court that Apple was indentured to give FBI access to its phone by generating an inefficient version of the device’s operating system.

If the WikiLeak documents are accurate, the pre-existing deep involvement of FBI and other elements of the investigative company in making their own way to the iPhone would have been shown. Government assurances regarding San Bernardino case that any exploit developed by Apple to give FBI access to the murder’s phone would not be disclosed to criminals or nation states, is also under question after the compromise of the document.

A trove of more than 8,000 documents have been released by WikiLeaks revealing CIA and FBI hacking process, said to be originated from a CIA network and date from 2013 to 2016. The CIA denied to comment on the documents which exposed the CIA techniques, allegedly developed to convert so-called smart televisions into listening devices. Indicating active investigations to the revelations, the Google also declined to comment, however, Apple does not respond to a request for comment.

It is obscure about the fact that who has given the WikiLeaks an access to the documents; an impact came out from the material hosted on the site shows that it’s coming from a whistle blower who wants to trigger a debate about the security, creation, use, proliferation and democratic control of cyber weapons. But the leaker could also be an outsider, may be backed by a foreign power.

“This could be as much about Russia as CIA or WikiLeaks,” tweeted Jason Healey, Senior Research Scholar at Columbia University’s School for International and Public Affairs “A continuation of the tear down of U.S. government.”

According to a chart in the file database, a German iOS security researcher Stefan Esser, has developed an iOS named ‘ironic’ which gives an access to the operating system Kernel, however, when iPhone was updated to iOS 8.0, the hack died.

Without referring to any document, Wikileaks discussed CIA access level to encrypted applications including popular Open Whisper Systems’ application Signal – yet the documents do not show CIA has broken the app’s end to end encryption. However, the CIA can bypass the encryption by hacking the phone itself and everything on it, including data stored within any app — including messages from Telegram, WhatsApp, and other secure messaging apps, the document indicated.

WikiLeaks documents stated that the CIA has violated the commitments made by Obama’s administration to acknowledge the vendors about serious software vulnerabilities to improve the security of their products.

Vulnerabilities Equities Process, a system developed by the administration to allow various government organizations to help determine when it’s better for national security to expose unpatched vulnerabilities and when it’s better to take advantage of them to chase targets.

Nathan White, senior legislative manager for digital rights group Access Now, in a press release wrote a response to new leaks, ”Access Now condemns the stockpiling of vulnerabilities, calls for limits on government hacking and protections for human rights, and urges immediate reforms to the Vulnerabilities Equities Process,” indicating that at least some civil liberties advocates acknowledge the WikiLeaks assessment.

Share this article

About the Author

Zehra Ali is a Tech Reporter and Journalist. She has done her Masters in Mass Communication. Topics related to cybersecurity, IoT, AI, Big Data and other privacy matters are extensively covered by her on various platforms. You can follow her on twitter.

More from Zehra Ali

Related Posts