Security Experts:

WikiLeaks Details Samsung Smart TV Hacking Tool

WikiLeaks has released a document detailing yet another hacking tool allegedly used by the U.S. Central Intelligence Agency (CIA). This time, the organization has published information on a tool designed to record audio via the built-in microphone of some Samsung smart TVs.

The tool, dubbed “Weeping Angel,” is apparently based on “Extending,” an implant allegedly developed by British security service MI5 – the agencies are said to have worked together on this project.

Some information on Weeping Angel was made public by WikiLeaks as part of the first Vault 7 dump, and the organization has now decided to also release a user guide.

The newly released guide, dated February 2014, describes an implant for Samsung F series smart TVs. The implant can record audio from a device via the built-in microphone and either store or exfiltrate the recordings.

The Weeping Angel implant can be installed by connecting a USB device to the targeted TV, and data can be exfiltrated either via a USB stick or a compromised Wi-Fi hotspot. However, previously leaked documents showed that its developers had been planning to add more data theft capabilities, including for browser data and Wi-Fi credentials, and even exploiting available remote access features.

SecurityWeek has reached out to Samsung for comment and will update this article if the company responds.

Last week, WikiLeaks released six documents describing a project named HIVE, which the CIA allegedly used to exfiltrate information from compromised machines and send commands to the malware found on these devices.

The whistleblower organization has also detailed hacking tools targeting security products, a framework used to make attribution and analysis of malware more difficult, and a platform designed for creating custom malware installers.

While WikiLeaks has offered to share the exploits it possesses with affected tech companies, most firms don’t seem willing to comply with WikiLeaks’ conditions for obtaining the files. Furthermore, an analysis of the available information showed that many of the vulnerabilities have already been patched.

U.S. authorities have neither confirmed nor denied the authenticity of the Vault 7 files, but reports say both the CIA and the FBI are hunting for an insider who may have provided the information to WikiLeaks.

Researchers at Symantec and Kaspersky have found links between the leaked Vault 7 files and the tools used by a cyber espionage group tracked by the security firms as Longhorn and The Lamberts, respectively.

Related: Samsung Launches Security Solution for Smart TVs

Related: If the CIA Isnt' Secure, Who Is?

Related: Arrest of WikiLeaks's Assange a 'Priority', Says US Top Cop

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.