MalwareTips Bot

Robot
Content Creator
Verified

WikiLeaks has finally made light on the Vault 7 revelations it promised weeks ago - the CIA's entire hacking capacity.

The files WikiLeaks is releasing is the most comprehensive collection of US spying files ever made public, claims Julian Assange. In total, there are 8,761 documents accounting for the entire hacking capacity of the CIA. This is just the first of a series of "Vault 7" leaks, WikiLeaks promises.

So what's in the files? WikiLeaks claims that CIA has software that could allow them to take control of the most popular electronics used today - iPhones, Android devices, PCs, smart TVs.

"'Year Zero' introduces the scope and direction of the CIA's global covert hacking program, its malware arsenal and dozens of 'zero day' weaponized exploits against a wide range of U.S. and European company products, include Apple's iPhone, Google's Android and M... (read more)

Read more: WikiLeaks Opens Vault 7: CIA's Entire Hacking Capacity
 
Last edited by a moderator:

Digerati

Level 6
Verified
What I found interesting is, at least according to ZDNet here, WikiLeak's claim that the released "documents span 2013 to the end of 2016."

End of 2016??? That suggests that long after Snowden, WikiLeaks is still obtaining newly leaked documents. How many moles does the CIA have in its midst? :eek:
 

giants8058

Level 4
I say do something novel; go have lunch together and talk face-to-face.
It better be out in the middle of a field somewhere with no electronic devices on or near you. They can literally get into anything. Look up BadBios in which high frequency sound waves can be used by one device to infect another device via it's microphone that can even bypass an airgapped network.
 
W

Wave

It better be out in the middle of a field somewhere with no electronic devices on or near you. They can literally get into anything. Look up BadBios in which high frequency sound waves can be used by one device to infect another device via it's microphone that can even bypass an airgapped network.
Go to a foreign country. In an isolated private mansion with big security. Now get on a boat and sail across the island to a deserted beach which is private with absolutely no electronic devices.
 

giants8058

Level 4
Go to a foreign country. In an isolated private mansion with big security. Now get on a boat and sail across the island to a deserted beach which is private with absolutely no electronic devices.
Haha. You're not kidding. Things that used to be shrugged off as conspiracy theories, are now unfortunately actual conspiracies. I think I might have to pick up one of these now: blockitpocket.com -
I've been reading into all this stuff all day, and my head is spinning. It goes much deeper than I ever thought possible. Reddit has some good threads going on breaking it all down.
 

Digerati

Level 6
Verified
It better be out in the middle of a field somewhere with no electronic devices on or near you. They can literally get into anything. Look up BadBios in which high frequency sound waves can be used by one device to infect another device via it's microphone that can even bypass an airgapped network.
Yes, but then it would have to be someone nearby and targeting you specifically. Then you would have bigger problems.

As far as sound waves, spyies have been using laser beams to read the sound created by voices vibrating office windows for years.

So the solution is to grab your food to go, and talk while you walk. And yes, take no electronics with you and hold your hand in front of your mouth every time you talk so they can't even read your lips. Pretty sad it has almost come to that. :(
 

giants8058

Level 4
Yes, but then it would have to be someone nearby and targeting you specifically. Then you would have bigger problems.
That's not necessarily true. If you have an exploited smartphone in your pocket(which we now know they target both iPhone/Android), they would be able to implement this technique remotely.
 
Last edited:

MalwareTips Bot

Robot
Content Creator
Verified
There seems to be a bit of an uproar online as people are urging each other to dump the messaging apps they've been using because the CIA can render useless the encryption safeties they set in place. The problem, however, is with the operating systems of the phones, not the apps themselves,

Following the Vault 7 revelations from WikiLeaks, many people worry that their privacy is at risk due to the newly exposed capacities of the CIA. Of course, so far, there's been no indication that the CIA is doing anything illegal with its powers, aside from the fact that it really should be sharing the zero-day vulnerabilities it finds with the companies they affect so they can fix them and protect millions of users.

Then, there's the fact that, according to the files, the CIA has developed malware that can bypass the encryption layers used by apps such as What... (read more)

Read more: Don't Give Up on Encrypted Messaging Apps Because of the Vault 7 CIA Revelations
 
Last edited by a moderator:

DJ Panda

Level 29
Verified
Security can be extremely hard in giant cooperation's or facilities. For example, in my school the teacher uses the computer. Every time you see them use it a Java update notification. (legit one) pops-up and I dread. Either get rid of it or update it could be a matter of exploitation with a side of ransomeware. :(
 

Kalimirro

Level 2
Lots of x86 software that is exploitable ( 4 antivirus tools) :

  • Thunderbird Portable DLL Hijack
  • Chrome Portable DLL Hijack
  • LBreakout2 Game Portable DLL Hijack
  • 2048 Game DLL Hijack
  • FoxitReader Portable DLL Hijack
  • Sophos Virus Removal Tool DLL Hijack
  • Kaspersky TDSS Killer Portable DLL Hijack
  • ClamWin Portable DLL Hijack
  • Iperius Backup DLL Hijack
  • OperaMail DLL Hijack
  • Sandisk Secure Access v2 DLL Hijack
  • LibreOffice Portable DLL Hijack
  • BabelPad Portable Hijack
  • Notepad++ DLL Hijack
  • McAfee Stinger Portable DLL Hijack
  • Skype Portable DLL Hijack
  • Opera Portable DLL Hijack
 

RVS2

Level 2
I have 2 questions here, (NOT political judgement)
Q 1. What do they get by spying on normal people, it's not like they're stopping crimes or attacks?
Q 2. How do they store so much data?
 

cruelsister

Level 36
Content Creator
Trusted
Verified
Just an FYI- there are a number of Private companies that have as their sole purpose the analysis of code of just about any application you can imagine. When an exploit is found in any program they will give it to whatever Country that they have a contract with. This is Big Business and unless the exploit is obvious (or Arch-Traitors disclose them) you'll never be the wiser.

Although most of these companies fly under the radar, one of them, Endgame, has had the absolute gall to develop a presence on VT with some jive-time endpoint "protection" thingy.

And please remember that the overriding purpose of acquiring such exploits is not to spy on you, but to keep someone you love from getting murdered by a Psychotic. I know this is not a popular thing to say, but it is the truth.
 

FreddyFreeloader

Level 31
Verified
There seems to be a bit of an uproar online as people are urging each other to dump the messaging apps they've been using because the CIA can render useless the encryption safeties they set in place. The problem, however, is with the operating systems of the phones, not the apps themselves,
This pretty much renders obsolete all these encrypted messaging apps.
At least when the CIA is involved.
 
  • Like
Reactions: SHvFl