As you may know, WikiLeaks has published the article recently, revealing a lot of information about how CIA spies the users and their hacking capabilities. The article is called Vault 7 and provides a lot of interesting information.
The CIA uses 0-day exploits and spreads malware in order to perform mass espionage. Some ideas, from the WikiLeaks article:
- CIA is capable of hacking into all the Android and iOS phones that have (or had) the Twitter app installed.
- CIA can spy the users by using the Android and iOS phones, the internet of things devices and the smart TVs as microphones.
- CIA can decrypt all the encrypted messages from WhatsApp, Signal and Telegram.
- CIA can hack almost every system that’s available online, because it has both hardware resources and smart people that can do that.
The article does not contain anything about Windows Phones, this meaning that either it does not represent any interest or the government has some kind of deal with Microsoft.
In order to hack into different computers, the CIA hackers had to make their hacking tools bypass the security offered by antivirus software. This article from APNews.com tells us how much the CIA struggled to trick a bunch of antivirus solutions:
A CIA hacker said about Comodo that it is “a colossal pain in the posterior. It literally catches everything until you tell it not to.”. Același hacker a anunțat că ultimele versiuni Comodo sunt mai ușor de ocolit decât cele mai vechi, dar unul dintre angajații Comodo a anunțat că exploit-ul folosit de CIA nu mai este de actualitate de multă vreme.
Due to the fact that the antivirus has a flaw in its source code, CIA has managed to easily bypass Kaspersky’s protection. Eugene Kaspersky a anunțat că cele două vulnerabilitați folosite de către CIA au fost deja descoperite și eliminate.
The CIA hacker has announced that he has bypassed Avira protected systems easily. The firm announced that they have patched the flaw a few hours after the vulnerability has been leaked and that there isn’t any proof that the users were affected by the bug.
CIA had a trick to theoretically bypass AVG, but one of the technology officers at AVG announced that the flaw CIA would be using is obsolete today.
The same as Avira, the CIA hackers did not have to work hard in order to bypass this AV’s security.
It looks like CIA had a hard time trying to crack Bitdefender’s security and it’s not certain if the agency managed to bypass it or not.