CIA man walking over crest
A man crosses the Central Intelligence Agency (CIA) logo in the lobby of CIA Headquarters in Langley, Virginia, on August 14, 2008. SAUL LOEB/AFP/Getty Images

WikiLeaks has released a trove of secrets allegedly pilfered from the US Central Intelligence Agency (CIA) that purported to show how computer-savvy spies were able to use hacking tools to break into iOS devices, Android phones and Samsung TVs.

Some were reportedly developed with aid from other intelligence agencies, including the UK's Government Communications Headquarters (GCHQ) and MI5. In many cases, WikiLeaks said, the tools were used to stealthily snoop on users by tampering remotely with the devices.

As reported, the leak came in the form of Vault 7 "Year Zero", a new series containing a selection of roughly 8,000 documents and files obtained by a source from within an "isolated, high security network" at the CIA's Cyber Intelligence unit based in Langley, Virginia.

These techniques could allow the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo and Confide. "By hacking the smart devices that they run on and collecting audio and message traffic before encryption is applied," WikiLeaks said in a press release.

Yet as some security experts point out, it has long been known if an end-point is compromised, end-to-end encryption is too. Furthermore, some national security commentators have already said the leak may undermine western efforts to keep its citizens safe.

Here is a small selection of some of the CIA's hacking targets:


Android OS

According to one document, the CIA was storing over 20 "zero-day" (i.e. never before discovered) exploits solely dedicated to targeting Google's widely-used Android operating software – with names including Flameskimmer, Livestrong and NightMonkey.

Apple IOS

WikiLeaks said the Apple-based exploits were designed by the CIA's Mobile Development Branch (MDB) and could be deployed by the hacker-spies to "control and exfiltrate data from iPhones and other Apple products running iOS".

Names of the toolsets included Juggernaut, Rhino and Xiphos. In many cases the documents show they were purchased from other Five-Eye agencies, including GCHQ and the US National Security Agency (NSA). The exploits in the files impact everything up until iOS 9.2.

Samsung smart-TVs

Reportedly developed in conjunction with British intelligence experts at MI5, the malware attack on Samsung branded televisions – dubbed "Weeping Angel" – could turn the device into "fake-off" mode so users would not realise it was indeed switched on and recording conversations.

Yet the documents suggest the agency was not content with audio-only, and was attempting to further its technical capabilities to take video snapshots, disable the auto-upgrade functions and have the ability to check if any default applications on the device had their own bugs.

Cars and vehicles

In one of the most intriguing sections, WikiLeaks highlighted a document alleging the CIA was probing ways to infect vehicle control systems used on modern web-connected cars and trucks, potentially looking for methods of conducting "undetectable assassinations".

Windows and Linux

The leak suggests the agency was also interested in use different types of malware to target Internet of Things (IoT) devices, industrial control systems and Linux/Unix.

The trove of files published contains placeholder titles for mainstream browsers including Microsoft Edge, Mozilla Firefox and Google Chrome, however when clicked there is no information stored within. Nevertheless, some headers are still marked 'Secret'.

Based on its analysis, WikiLeaks claimed the agency is running a "substantial effort" to infect and control Windows users with malware. One type – called "HammerDrill" – can reportedly be used to infect software distributed on CD/DVDs to such systems.


"There is an extreme proliferation risk in the development of cyberweapons," said Julian Assange, founder of WikiLeaks, in a press release. He added: "Comparisons can be drawn between the uncontrolled proliferation of such 'weapons' [...] and the global arms trade.

"But the significance of 'Year Zero' goes well beyond the choice between cyberwar and cyberpeace. The disclosure is also exceptional from a political, legal and forensic perspective." WikiLeaks branded the size of the leak, which spans from 2013 to 2016, the "largest intelligence publication in history."

A CIA spokesperson told The Washington Post: "We do not comment on the authenticity or content of purported intelligence documents." Meanwhile Edward Snowden, the infamous NSA leaker, tweeted: "What Wikileaks has here is genuinely a big deal. Looks authentic."