Wikileaks publishes docs from what it says is trove of CIA hacking tools

Share this…

Docs claim CIA can defeat WhatsApp, Signal, Telegram encryption, among other apps. This morning, Wikileaks posted the first of what the organization’s spokesperson says is a multi-part series of documents and files from the Central Intelligence Agency. “The first full part of the series, ‘Year Zero’, comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virgina [sic],” Wikileaks’ spokesperson said in a press release.

The documents, many of them incomplete or redacted, appear to be pulled in part from an internal Wiki, while others appear to have been part of a user file directory. In a move unusual for Wikileaks, individuals’ names have been redacted and replaced with unique identifiers. “These redactions include tens of thousands of CIA targets and attack machines throughout Latin America, Europe, and the United States,” Wikileaks’ spokesperson explained in the release. “While we are aware of the imperfect results of any approach chosen, we remain committed to our publishing model and note that the quantity of published pages already eclipses the total number of pages published over the first three years of the Edward Snowden NSA leaks.”


The documents include instructions for using hacking tools, tips on configuration of Microsoft Visual Studio (classified as Secret/NOFORN), and testing notes for various hacking tools. Among the hacking tools listed are those for iOS, a collection of Android zero-days, and hacking techniques from various sources, including the UK’s GCHQ and the National Security Agency. These tools, Wikileaks claimed, “permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Weibo, Confide, and Cloackman by hacking the ‘smart’ phones that they run on and collecting audio and message traffic before encryption is applied.”

Also mentioned in the documents are tools for hacking embedded operating systems, including a Python-based tool for sending commands to a remote keyboard emulator pushed to an embedded device. There are also notes on a joint “workshop” with the UK’s MI5 on a project called “Weeping Angel”—in which the services were able to turn a Samsung smart television into an eavesdropping device.

When reached for comment, a CIA spokesperson told Ars Technica, “We do not comment on the authenticity or content of purported intelligence documents.”

Ars will update this story with further analysis and details when they are available.