CIA able to bypass encryption on several popular messaging apps
Hello, I am digicrypt and thank you for checking out this post. My blog focuses on a variety of crypto/infosec topics, but recently I have been running a series on cryptology. Yesterday I made a post concerning Wikileaks' release of an encrypted file and the expected release of the passphrase to unlock it. Today's release by Wikileaks, dubbed "Vault 7", is one of the largest "data dumps" ever.
"we remain committed to our publishing model and note that the quantity of published pages in "Vault 7" part one (“Year Zero”) already eclipses the total number of pages published over the first three years of the Edward Snowden NSA leaks."
There is no doubt that millions of people will be going through these documents in the coming weeks, finding all sorts of interesting information. I, however, want to go over a few pieces of information regarding the CIA's ability to bypass the encryption of several encrypted messaging apps.
The documents contain a variety of "hacking tools" and exploits used by the CIA to collect information. Notable targets of these exploits include...
"Year Zero" introduces the scope and direction of the CIA's global covert hacking program, its malware arsenal and dozens of "zero day" weaponized exploits against a wide range of U.S. and European company products, include Apple's iPhone, Google's Android and Microsoft's Windows and even Samsung TVs, which are turned into covert microphones."
In case you are unaware of the meaning of "zero day":
"A zero-day (also known as zero-hour or 0-day or day zero) vulnerability is an undisclosed computer-software vulnerability that hackers can exploit to adversely affect computer programs, data, additional computers or a network. It is known as a "zero-day" because it is not publicly reported or announced before becoming active, leaving the software's author with zero days in which to create patches or advise workarounds to mitigate its actions."
I want to focus on the targeting of phones for the purpose of this article.
"The CIA's Mobile Devices Branch (MDB) developed numerous attacks to remotely hack and control popular smart phones. Infected phones can be instructed to send the CIA the user's geolocation, audio and text communications as well as covertly activate the phone's camera and microphone."
iPhones were disproportionately targeted. One possible explanation is the phone's popularity with high-profile individuals.
"Despite iPhone's minority share (14.5%) of the global smart phone market in 2016, a specialized unit in the CIA's Mobile Development Branch produces malware to infest, control and exfiltrate data from iPhones and other Apple products running iOS, such as iPads".
Android devices were also targeted.
"A similar unit targets Google's Android which is used to run the majority of the world's smart phones (~85%) including Samsung, HTC and Sony. 1.15 billion Android powered phones were sold last year. "Year Zero" shows that as of 2016 the CIA had 24 "weaponized" Android "zero days" which it has developed itself and obtained from GCHQ, NSA and cyber arms contractors."
These techniques allow the CIA to bypass the encryption of several popular messaging apps not by breaking the cryptography itself, but by hacking the phones the apps run on and reading each message before the encryption process takes place.
The following apps were listed by Wikileaks as being subject to exploitation...
Important: the encryption methodologies are rendered useless because the device itself, which runs the app, has been "taken over".
These apps have been used by whistleblowers and sources who believe they are protecting their privacy.
The agency also has the ability to turn on a phone's camera and microphone to record the user without their knowledge.
I will be doing another post about Vault 7 and digital forensics. Let me know what you thought about this article and whether there is anything else you would like me to do a post on.
Please upvote and resteem if you found this post interesting!
Follow my blog @digicrypt if you want to learn more!
If you would like to donate to support my blog further you can use either of the addresses below