fbpx

WikiLeaks reveals that both British and American intelligence agencies used an implant on Samsung TVs to secretly listen-in on user conversations.

Using MI5’s EXTENDING Tool, American counterparts at the CIA developed the listening implant tool code-named “Weeping Angel” to record audio on Samsung F Series Smart Televisions, according to the latest Vault 7 dump by WikiLeaks.

“Based on the ‘Extending’ tool from MI5/BTSS, the [Weeping Angel] implant is designed to record audio from the built-in microphone and egress or store the data,” the intro reads.

According the EXTENDING Tool user’s guide, the implant is installed using a USB stick inserted into the TV, and it could be configured to setup a WiFi hotspot through which the intelligence agencies could spy directly on live conversations.

“The implant is configured on a Linux PC, and then deployed onto the TV using a USB stick. Audio files can then be extracted using a USB stick or setting up a Wi-Fi hotspot with-in range of the TV. It is also possible to listen to audio exfiltration live, using the Live Listen Tool, designed for use on a Windows OS.”

Regarding the WiFi hotspot, which is required for Remote Access Audio Retrieval and Live Audio Exfiltrating, the user’s guide explains, “To exfiltrate files over a Wi-Fi hotspot, the hotspot must be setup within range of the TV with a preconfigured SSID, set in the config file. Files are then exfiltrated over this Wi-Fi network to a server as configured in the configuration file.”

Even when the TV is off, the CIA and MI5 still can record audio using the aptly-named “Fake-off” recording feature.

“EXTENDING will continue to record audio, even whilst the TV appears to be off. This is achieved by intercepting the command for the TV to switch-off and turning off the TV screen, leaving the processor running.”

In what appears to be a perverted form of British charm, the guide is ever-so polite in saying, “Please ensure the unencrypted settings file, encryptSettings tool and rsakeygen tool are always stored securely.”

The walkthrough of the implant’s installation in the user’s guide even gives a friendly reminder to hackers to clear the TV’s history after installing the ultra-secretive, privacy-stealing, attack apparatus on individuals’ rights.

Source : This article was published sociable.co By TIM HINCHLIFFE

Categorized in News & Politics

Amongst the many, many CIA exploits of Apple, Google and Microsoft consumer technology in today's Wikileaks massive info dump was a particularly novel project to spy on Samsung smart TVs.

According to the Wikileaks-hosted files, CIA agents named their TV malware Weeping Angel that appeared to have been created during a joint workshop with the agency's British counterparts, MI5, in 2014. If the dumped data is legitimate, Weeping Angel runs just like a normal TV app, not unlike YouTube, but in the background, capturing audio but not video. It can, however, also recover the Wi-Fi keys the TV uses to later hack the target's Wi-Fi network, and access any usernames and passwords stored on the TV browser, explained Matthew Hickey, a security researcher and co-founder of Hacker House, a project to encourage youngsters to get into cybersecurity. There was also a feature dubbed "Fake Off" where the TV would continue recording even when shut down.

Hickey, who reviewed the CIA notes on the project, said it appeared the malware would infiltrate the TV via a USB key, as the notes on Wikileaks indicated USB install methods were disabled in a specific firmware. He said, however, that there's still a chance the CIA has remote infection techniques.

"The tool appears to be under active development. The capabilities it boasts cannot currently capture video, according to the leaked docs. But that is a goal of the project. It can record audio but it does not stream it in real-time to the CIA. Instead it copies it off the TV as files," Hickey added.

He noted that the attacks would likely be limited, in that the CIA would have to be nearby to harvest the stolen data. "Effectively they install an application onto your TV through USB, they go away on their spying business and come back with a Wi-Fi hotspot later on. When the TV sees the CIA Wi-Fi, it uploads all of the captured audio it has recorded of people around the TV, even when they thought it was off.

Protection from the CIA

Samsung hadn't responded to a request for comment at the time of publication, and Forbes has not been able to independently verify the veracity of the claims made on Wikileaks, which released a huge batch of alleged CIA files today under the name Vault 7.

But there's a simple way users can protect themselves, according to Hickey. He said simply updating the TV could well kill the CIA tool, as there's no indication the CIA is able to use the Weeping Angel malware on Samsung TVs running the latest firmware above that specified, namely 1118. As noted in one leaked file: "Updating firmware over internet may remove implant (not tested) or portions of the implant... Firmware version 1118+ eliminated the current USB installation method."

However, in those same engineering notes is a feature to "prevent updates." This could mean the CIA had found a way to prevent the Samsung device from updating automatically, or at all. Where users find they can't update, there's a handy factory reset code in that same Wikileaks file, which should allow updates again.

As shown in recent cases, Samsung Smart TVs have been the subject of both privacy and security concerns. Last month, Forbes revealed the FBI had successfully searched the Samsung TV of a suspect as part of an investigation into child sexual abuse material. In 2015, there was a mini furore about Samsung sharing the conversations recorded by the TV with third parties.

The Shodan search engine for connected devices has also been able to harvest information on some Samsung TVs that are exposed on the web, possibly leaving them open to hackers anywhere on the planet.

There remains the possibility that MI5 had the TV hacking capability before the CIA. "The source code came sanitized from 'the UK' minus comms and encryption," said Pen Test Partners researcher David Lodge. "This is more important to me - it implies that MI5 already had this as a solution."

Got a tip? Email at This email address is being protected from spambots. You need JavaScript enabled to view it. or This email address is being protected from spambots. You need JavaScript enabled to view it. for PGP mail. Get me on Signal on +447837496820 or This email address is being protected from spambots. You need JavaScript enabled to view it. on Jabber for encrypted chat.

Author : Thomas Fox-Brewster

Source : https://www.forbes.com/sites/thomasbrewster/2017/03/07/cia-wikileaks-samsung-smart-tv-hack-security/#28f826f34bcd

Categorized in Science & Tech

airs logo

Association of Internet Research Specialists is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.

Follow Us on Social Media