Wikileaks: Vault 7 Leak Exposes CIA Hacking Documents

Just as the story on The Shadow Brokers exposing the alleged NSA Equation Group’s offensive cyber toolkit has come to a close, today Wikileaks announced a new series of leaks concerning the hacking capabilities of the CIA.

This new series of leaks has been named “Vault 7”, and Wikileaks claims it is the largest publication of confidential documents on the U.S. Central Intelligence Agency.

The first full part of the series, “Year Zero”, comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virginia. It follows an introductory disclosure last month of CIA targeting French political parties and candidates in the lead up to the 2012 presidential election.

The Wikileaks press release goes on to say:

Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized “zero day” exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.

An immediate impact of the leak is the revelation that the CIA is able to bypass encryption in popular mobile messaging apps, including WhatsApp and Signal. While many are immediately pointing to the security of the applications, it appears the eavesdropping is due to vulnerabilities in the mobile operating systems, as WikiLeaks stated it was possible to penetrate Android phones and collect “audio and message traffic before encryption is applied.”

We plan to review and follow the analysis closely to see what comes out of the first leak, as the Wikileaks press release claims that Year Zero introduces the “scope and direction of the CIA’s global covert hacking program”. This includes exploits focusing on many products, including Apple’s iPhone, Google’s Android, Microsoft’s Windows and even Samsung TVs, which can be turned into covert microphones.

After the leaks relating to the US Election and what many describe as interference, Wikileaks had come under criticism and was no longer the darling that many people once thought it was for exposing information to the world.

Snowden has chimed in and suggested that the material looks authentic.

As with most dumps of this size, there will be various findings, and we will do our best to highlight the key points and aggregate the information.