WikiLeaks Opens Vault 7: CIA's Entire Hacking Capacity

[Bot]

WikiLeaks has finally made light on the Vault 7 revelations it promised weeks ago - the CIA's entire hacking capacity.

The files WikiLeaks is releasing is the most comprehensive collection of US spying files ever made public, claims Julian Assange. In total, there are 8,761 documents accounting for the entire hacking capacity of the CIA. This is just the first of a series of "Vault 7" leaks, WikiLeaks promises.

So what's in the files? WikiLeaks claims that CIA has software that could allow them to take control of the most popular electronics used today - iPhones, Android devices, PCs, smart TVs.

"'Year Zero' introduces the scope and direction of the CIA's global covert hacking program, its malware arsenal and dozens of 'zero day' weaponized exploits against a wide range of U.S. and European company products, include Apple's iPhone, Google's Android and M... (read more)

Read more: WikiLeaks Opens Vault 7: CIA's Entire Hacking Capacity

 

[Exterminator]

Vault 7: CIA Hoards Zero Day Vulnerabilities, Can Crack Phones Running Twitter

Vault 7: CIA Can Bypass WhatsApp, Signal, Telegram Encryption

Vault 7: CIA Can Spy on You Through Your Smart TV, iPhone, Android Device

 

[Winter Soldier]

Always thought that having a microphone and an integrated camera in the phone, besides being useful to me, are also useful to someone else, for sure...

 

[Digerati]

What I found interesting is, at least according to ZDNet here, WikiLeak's claim that the released "documents span 2013 to the end of 2016."

End of 2016??? That suggests that long after Snowden, WikiLeaks is still obtaining newly leaked documents. How many moles does the CIA have in its midst?

 

[malis2007]

Always thought that having a microphone and an integrated camera in the phone, besides being useful to me, are also useful to someone else, for sure...

they are indeed "mobile" no need to hide them in any fixed place..
and ironically, we showoff with the ones that have better hardware(e.g. camera) :/

 

[giants8058]

What about all the exploits they apparently have for many AVs?

 

[FreddyFreeloader]

Looks like they can hack into your device and see what you send before you send it, no need to try and break the message encryption.
What do you say about that Apple, Google, Microsoft?

 

[Digerati]

What do you say about that Apple, Google, Microsoft?

I say do something novel; go have lunch together and talk face-to-face.

 

[giants8058]

I say do something novel; go have lunch together and talk face-to-face.

It better be out in the middle of a field somewhere with no electronic devices on or near you. They can literally get into anything. Look up BadBios in which high frequency sound waves can be used by one device to infect another device via it's microphone that can even bypass an airgapped network.

 

[Wave]

It better be out in the middle of a field somewhere with no electronic devices on or near you. They can literally get into anything. Look up BadBios in which high frequency sound waves can be used by one device to infect another device via it's microphone that can even bypass an airgapped network.

Go to a foreign country. In an isolated private mansion with big security. Now get on a boat and sail across the island to a deserted beach which is private with absolutely no electronic devices.

 

[giants8058]

Go to a foreign country. In an isolated private mansion with big security. Now get on a boat and sail across the island to a deserted beach which is private with absolutely no electronic devices.

Haha. You're not kidding. Things that used to be shrugged off as conspiracy theories, are now unfortunately actual conspiracies. I think I might have to pick up one of these now: blockitpocket.com -
I've been reading into all this stuff all day, and my head is spinning. It goes much deeper than I ever thought possible. Reddit has some good threads going on breaking it all down.

 

[Digerati]

It better be out in the middle of a field somewhere with no electronic devices on or near you. They can literally get into anything. Look up BadBios in which high frequency sound waves can be used by one device to infect another device via it's microphone that can even bypass an airgapped network.

Yes, but then it would have to be someone nearby and targeting you specifically. Then you would have bigger problems.

As far as sound waves, spyies have been using laser beams to read the sound created by voices vibrating office windows for years.

So the solution is to grab your food to go, and talk while you walk. And yes, take no electronics with you and hold your hand in front of your mouth every time you talk so they can't even read your lips. Pretty sad it has almost come to that.

 

[giants8058]

Yes, but then it would have to be someone nearby and targeting you specifically. Then you would have bigger problems.

That's not necessarily true. If you have an exploited smartphone in your pocket(which we now know they target both iPhone/Android), they would be able to implement this technique remotely.

 

[Bot]

There seems to be a bit of an uproar online as people are urging each other to dump the messaging apps they've been using because the CIA can render useless the encryption safeties they set in place. The problem, however, is with the operating systems of the phones, not the apps themselves,

Following the Vault 7 revelations from WikiLeaks, many people worry that their privacy is at risk due to the newly exposed capacities of the CIA. Of course, so far, there's been no indication that the CIA is doing anything illegal with its powers, aside from the fact that it really should be sharing the zero-day vulnerabilities it finds with the companies they affect so they can fix them and protect millions of users.

Then, there's the fact that, according to the files, the CIA has developed malware that can bypass the encryption layers used by apps such as What... (read more)

Read more: Don't Give Up on Encrypted Messaging Apps Because of the Vault 7 CIA Revelations

 

[DJ Panda]

Security can be extremely hard in giant cooperation's or facilities. For example, in my school the teacher uses the computer. Every time you see them use it a Java update notification. (legit one) pops-up and I dread. Either get rid of it or update it could be a matter of exploitation with a side of ransomeware.

 

[Kalimirro]

Lots of x86 software that is exploitable ( 4 antivirus tools) :

• Thunderbird Portable DLL Hijack
• Chrome Portable DLL Hijack
• LBreakout2 Game Portable DLL Hijack
• 2048 Game DLL Hijack
• FoxitReader Portable DLL Hijack
• Sophos Virus Removal Tool DLL Hijack
• Kaspersky TDSS Killer Portable DLL Hijack
• ClamWin Portable DLL Hijack
• Iperius Backup DLL Hijack
• OperaMail DLL Hijack
• Sandisk Secure Access v2 DLL Hijack
• LibreOffice Portable DLL Hijack
• BabelPad Portable Hijack
• Notepad++ DLL Hijack
• McAfee Stinger Portable DLL Hijack
• Skype Portable DLL Hijack
• Opera Portable DLL Hijack

 

[RVS2]

I have 2 questions here, (NOT political judgement)
Q 1. What do they get by spying on normal people, it's not like they're stopping crimes or attacks?
Q 2. How do they store so much data?

 

[cruelsister]

Just an FYI- there are a number of Private companies that have as their sole purpose the analysis of code of just about any application you can imagine. When an exploit is found in any program they will give it to whatever Country that they have a contract with. This is Big Business and unless the exploit is obvious (or Arch-Traitors disclose them) you'll never be the wiser.

Although most of these companies fly under the radar, one of them, Endgame, has had the absolute gall to develop a presence on VT with some jive-time endpoint "protection" thingy.

And please remember that the overriding purpose of acquiring such exploits is not to spy on you, but to keep someone you love from getting murdered by a Psychotic. I know this is not a popular thing to say, but it is the truth.

 

[Deleted member 178]

Endgame lol , aka "Evil Google (compromised network) Map"

 

[FreddyFreeloader]

There seems to be a bit of an uproar online as people are urging each other to dump the messaging apps they've been using because the CIA can render useless the encryption safeties they set in place. The problem, however, is with the operating systems of the phones, not the apps themselves,

This pretty much renders obsolete all these encrypted messaging apps.
At least when the CIA is involved.