Hackers within the Central Intelligence Agency have developed malware which can turn Samsung Smart TVs into listening devices, leaked documents published by WikiLeaks Tuesday reveal.
The malware, coined “Weeping Angel” – released as part of WikiLeaks’ “Vault 7” data dump – appears to have been created during a 2014 joint workshop with Britain’s equivalent spy agency MI5.
The attack, which seems to require physical access to the TV and an infected USB drive, enables a “Fake-Off mode” that allows the microphone to be accessed even after the TV has been seemingly turned off. The malware also suppresses the TV’s LED lights, removing any suspicion that the device is still active.
Weeping Angel can also reportedly extract usernames, passwords and Wi-Fi keys – allowing access to the target’s network and other connected devices.
“The tool appears to be under active development,” security researcher Matthew Hickey told Forbes. “The capabilities it boasts cannot currently capture video, according to the leaked docs.”
“But that is a goal of the project. It can record audio but it does not stream it in real-time to the CIA. Instead it copies it off the TV as files.”
Hickey also stated that Weeping Angel may be neutralized if the target updates their TV’s firmware since the malware is designed specifically for versions below 1118.
“Updating firmware over internet may remove implant (not tested) or portions of the implant…” Hickey said. “Firmware version 1118+ eliminated the current USB installation method.”
The CIA can also use a feature known as “prevent updates” to stop a device from removing the malware. While a factory reset code can bring the TV back to its original state, most users are unlikely to closely monitor their firmware version.
Security researchers have long warned about vulnerabilities with not only Samsung TVs but with IoT (Internet of Things) devices in general.
In a 2012 Wired article, entitled, “CIA Chief: We’ll Spy on You Through Your Dishwasher,” then-CIA Director David Petraeus heralded emerging technologies in relation to espionage.
“‘Transformational’ is an overused word, but I do believe it properly applies to these technologies,” Petraeus said, “particularly to their effect on clandestine tradecraft.”
As reported by Infowars in 2012, security firm ReVuln discovered similar issues that allowed a Samsung TV’s microphone and camera to be accessed.
“It could give an attacker the ability to access any file available on the remote device, as well as external devices (such as USB drives) connected to the TV,” Security Ledger reported at the time. “And, in a Orwellian twist, the hole could be used to access cameras and microphones attached to the Smart TVs, giving remote attacker the ability to spy on those viewing a compromised set.”
While the vast majority of smart TV users are not going to have their devices physically targeted by CIA, Samsung has admitted in its own terms of service that a user’s personal conversations can be recorded and transmitted to third parties – creating a larger attack surface for the private data.
“Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition,” the policy stated.