Earlier today, WikiLeaks published a collection of hacking tools which the organization claims belong to the United States Central Intelligence Agency (CIA).
The WikiLeaks dump, codenamed Vault 7, comes after a rogue hacking group calling itself The Shadow Brokers leaked similar tools in the summer of 2016, which they claimed to have stolen from the United States National Security Agency (NSA). The Shadow Brokers have retired in the meantime.
According to WikiLeaks' press release, the organization is now in possession of "the majority of its [CIA's] hacking arsenal including malware, viruses, trojans, weaponized 'zero day' exploits, malware remote control systems and associated documentation."
The dump contains only PDF documentation for the alleged CIA hacking tools, but none of the actual malware and exploits.
The WikiLeaks dump is available for download via a torrent file, which delivers a password-protected archive. The archive's password is SplinterItIntoAThousandPiecesAndScatterItIntoTheWinds, a quote from President Kennedy, which WikiLeaks tweeted hours after announcing its latest leak.
The archive file unzips into a folder named "year0" that holds 930 MB of data. According to a summary of the included documents, there's documentation for tools targeting Windows, Android, iOS, and even Samsung TVs.
Some tools are visibly marked as "Confidential" or "Top Secret," while others are marked with the names of other intelligence agencies, such as the FBI, NSA, GCHQ, and MI5.
WikiLeaks says the files come from both US government contractors and hackers. The organization hints that some of the tools were circulated before its staff got ahold of the data.
The exact date when the files were taken from CIA servers is unknown. WikiLeaks says this is only the first of many leaks to come.
To get an idea of what the CIA hacking tools can do, here's a short summary of some random utilities (these are just a few, there are tens included in the leak):
HammerDrill - a CD/DVD collection tool that collects directory walks and files to a configured directory and filename pattern as well as logging CD/DVD insertion and removal events.
Sparrowhawk - collects user-entered keystrokes from any system terminal and collates them in a unified format across multiple Unix platforms.
MaddeningWhispers - a set of software components that provide beaconing and remote access capabilities to a Vanguard-based device.
BaldEagle - local user-to-root privilege escalation exploit within the Hardware Abstraction Layer (HAL) daemon. The exploit is available on Linux and PC-BSD platforms.
Bee Sting - Proxy with iFrame injection.
Fight Club - encryption utility.
RainMaker - a survey and file collection tool.
Weeping Angel - transforms Samsung smart TVs into microphones, using a fake "Off mode."