Documents released by WikiLeaks allegedly detail how “weaponized” hacking tools allow the CIA to break into phones and messaging apps, effectively rendering encryption obsolete for compromised devices.
The whistleblowing organization released 8,000 “Vault 7” documents and files on Tuesday, March 7, that it claimed were obtained from an “isolated, high-security network” within the CIA’s headquarters in Langley, Virginia.
The revelations mean popular messaging apps that purport to be safe from cybercriminals, hackers and government surveillance—such as WhatsApp, Telegram and Signal—are vulnerable if the device they are on has been compromised. Facebook-owned WhatsApp, which has more than one billion users worldwide, enabled end-to-end encryption last year, specifically designed to protect users from “cybercriminals” and “oppressive regimes.”
The WikiLeaks release alleged that the CIA’s Mobile Development Branch produces malware to gain access to devices. It stated: “These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by hacking the ‘smart’ phones that they run on and collecting audio and message traffic before encryption is applied.”
A photo illustration shows a chain and a padlock in front of a Whatsapp logo January 13. REUTERS/Dado Ruvic/Illustration
A spokesperson for WhatsApp, who declined to be named, tells Newsweek that the messaging app is “reviewing the content,” but highlights that its encryption had not been cracked; the surveillance technique the documents suggest would mean that any encrypted messaging app would be compromised if a device was infected.
WhatsApp’s decision to encrypt messages was described at the time as a “huge victory for privacy and free speech” by Amnesty International.
The CIA is allegedly targeting both Android and iOS devices, which account for a combined 97 percent of all smartphones in the world, according to figures from Gartner. The WikiLeaks statement alleged that the intelligence agency has a specific unit that uses malware to “infest, control and exfiltrate data from iPhones and other Apple products running iOS, such as iPads.”
It said that similar unit targets Google’s Android mobile operating system, used by smartphone manufacturers including Samsung, Sony and HTC. Google and Apple were unable to provide a comment on the revelations when contacted by Newsweek.
WikiLeaks editor Julian Assange called the disclosures “exceptional from a political, legal and forensic perspective.”
According to WikiLeaks, Tuesday’s release was the first in a series of document dumps that would reveal the CIA’s “entire hacking capacity.” Among the other exploits mentioned in this dump is the allegation that Samsung TVs were being used as spying devices through their inbuilt microphones.
Comparing the release to similar surveillance revelations from NSA whistleblower Edward Snowden, WikiLeaks said part one of the Vault 7 documents “already eclipses the total number of pages published over the first three years of the Edward Snowden NSA leaks.”
It is still not clear who the source of the documents is, but they are widely believed by cybersecurity experts to be authentic. WikiLeaks claimed they came from a former intelligence source. A spokesperson for the CIA said in a statement: “The CIA has no comment on the authenticity of the content of the purported intelligence documents.”