Leaked secret CIA files detail tools for hacking iPhones, Android, smart TVs

Thousands of classified "secret" and "top secret" files point to a covert effort by the CIA to develop exploits for vulnerabilities in popular phones for surveillance.
Written by Zack Whittaker, Contributor

(Image: file photo)

Thousands of documents said to be from the CIA's Center for Cyber Intelligence, a senior elite hacking unit within the US intelligence agency, have been leaked.

The documents, released Tuesday by the website WikiLeaks, could not be immediately verified, but as the Associated Press noted, the website has a long track record of releasing classified government documents.


Seal of the Engineering Development Group, the CIA's elite malware makers.

WikiLeaks said that the documents span 2013 to the end of 2016, and it indicated that it will publish more files in due course.

If the documents are proven to be genuine, this would mark yet another startling breach at US intelligence in recent years, following the revelations by Edward Snowden.

Many of the files reference an elite software unit, dubbed the Engineering Development Group, which builds and tests "backdoors, exploits, malicious payloads, trojans, viruses and any other kind of malware used by the CIA in its covert operations worldwide," according to the leak site's analysis.

In total, the hacking group is said to have developed "more than a thousand" exploits and other "weaponized" malware for a range of devices, technologies, and softwares.

The files also show the group's focus on iPhones, iPads, and Android devices, with an aim of countering security measures and encryption apps.

These exploits can collect a user's location, audio and text messages, and silently activate the device's camera and microphone.

One of the files, labeled "secret" and not for sharing outside the US intelligence community, appears to detail acronyms and terms used by various agencies tasked with building vulnerabilities for iPhones and iPads. Another document shows dozens of working exploits that US agencies, including the FBI, can use to conduct surveillance and intelligence gathering on Apple users.

Other files, some classified as "top secret," detail sensitive reflashing procedures for modern iPhones, which allow the cyber unit to configure devices to a particular operating system and setting in order to carry out "exploits and implants for high priority target cell phones for intelligence collection."

Some of the vulnerabilities appear to be as recent as iOS 9, released in late 2015.

The CIA claimed at the end of 2016 to have 24 zero-days for Android phones and devices, developed by its own staff or obtained by third-parties.

In some cases, exploits have been "purchased" from private-sector exploit hunters by the NSA and shared with the CIA and British intelligence counterpart GCHQ.

However, the various exploits have not released as part of the cache's publication, unlike similar data breaches.

Many of the other exploits include Windows desktop and server operating systems, Macs, Linux machines, and other major enterprise software, such as VMware.

Tony Robinson, a former staffer with Tailored Access Operations, the NSA's hacking unit, called the leaks "disconcerting" in a tweet.

"The bigger problem is that this exposes more of our tradecraft. The cards are on the table," he said.

Whereas cryptography professor Matthew Green said in a tweet that while the leak was "impressive" in scale, he had yet to see "anything technically surprising."

It's not known where the slew of hacking tools and files came from. Last year, a group known as the Shadow Brokers alleged to have obtained the NSA's in-house hacking tools. WikiLeaks said later it had obtained the full cache of files -- though, it's not known if Tuesday's release was the same cache or not.

WikiLeaks was most recently known for disclosing emails by the Democratic National Committee, thought to have been hacked by Russian intelligence. Critics accused the leak website of facilitating a campaign to discredit the Democratic presidential nominee Hillary Clinton.

A CIA spokesperson said: "We do not comment on the authenticity or content of purported intelligence documents."

A spokesperson for the Office of Director of National Intelligence could not be immediately reached for comment.

Apple and Google did not respond to a request for comment at the time of writing.

VIDEO: Your Android phone may have malicious ghost apps installed

Editorial standards