Tuesday, March 7, 2017
CIA Has an “Impressive List” of Ways to Hack Into Your Smartphone, WikiLeaks Files Indicate
A CONCERTED EFFORT by the CIA produced a library of software attacks to crack into Android smartphones and Apple iPhones, including some that could take full control of the devices, according to documents in a trove of files released by WikiLeaks Tuesday.
The attacks allow for varying levels of access — many powerful enough to allow the attacker to remotely take over the “kernel,” the heart of the operating system that controls the operation of the phone, or at least to have so-called “root” access, meaning extensive control over files and software processes on a device. These types of techniques would give access to information like geolocation, communications, contacts, and more. They would most likely be useful for targeted hacking, rather than mass surveillance. Indeed, one document describes a process by which a specific unit within the CIA “develops software exploits and implants for high priority target cellphones for intelligence collection.”
The WikiLeaks documents also include detailed charts concerning specific attacks the CIA can apparently perform on different types of cellphones and operating systems, including recent versions of iOS and Android — in addition to attacks the CIA has borrowed from other, public sources of malware. Some of the exploits, in addition to those purportedly developed by the CIA, were discovered and released by cybersecurity companies, hacker groups, and independent researchers, and purchased, downloaded, or otherwise acquired by the CIA, in some cases through other members of the intelligence community, including the FBI, NSA, and the NSA’s British counterpart GCHQ , the documents indicate.