WikiLeaks continues to release documents that reveal various hacking tools used by the CIA. After the HIVE revelations just over a week ago, the group has followed up with details of operations that were mentioned in the very first batch of Vault 7 leaks — hacking Samsung televisions to listen in on people.
The documents suggest that the CIA’s work is based on a tool developed by MI5 in the UK called Extending. The CIA went on to transform this into its own utility by the name of “Weeping Angel.” WikiLeaks has published the guide to using the tool in a file marked “SECRET STRAP 2 UK EYES ONLY,” and it describes how an implant is configured on a Linux PC before installing it on a target Samsung F Series smart TV.
By hacking the firmware of Samsung TVs, the CIA was able to fool owners into believing their devices were switched off when they were in fact secretly recording conversations. On the Vault 7 blog, WikiLeaks says of the latest revelations:
WikiLeaks publishes the User Guide for CIA’s “Weeping Angel” tool — an implant designed for Samsung F Series Smart Televisions. Based on the “Extending” tool from MI5/BTSS, the implant is designed to record audio from the built-in microphone and egress or store the data.
The classification marks of the User Guide document hint that is was originally written by the MI5/BTSS and later shared with the CIA. Both agencies collaborated on the further development of the malware and coordinated their work in Joint Development Workshops.
The very first page of the guide explains how the tool works. “The EXTENDING tool is an implant designed for Samsung F Series Smart Televisions. The implant is designed to record audio from the built-in microphone and egress or store the data. The implant is configured on a Linux PC, and then deployed onto the TV using a USB stick. Audio files can then be extracted using a USB stick or setting up a Wi-Fi hotspot with-in range of the TV. It is also possible to listen to audio exfiltration live, using the Live Listen Tool, designed for use on a Windows OS.”