The CIA has developed a hacking tool named Weeping Angel that can turn Samsung smart TVs into covert listening devices.
This information came to the public's attention after WikiLeaks dumped today a treasure trove of documents, codenamed Vault 7, which the organization claims were taken from a "high-security network situated inside the CIA's Center for Cyber Intelligence."
The first part of the leak included only documentation files for hacking tools, exploits, zero-days, and malware, but no actual hacking tools. In total, WikiLeaks leaked 8,761 files, among which one stood out among the most.
The tool is named Weeping Angel, which according to leaked files, the CIA developed together with Britain's MI5/BTSS department.
For installation, field agents need physical access to the Samsung smart TV in order to perform a factory reset and load Weeping Angel via the USB port. Another installation method may be supported, but was not mentioned in the leaked files, which WikiLeaks says it redacted.
Once installed, Weeping Angel could perform a series of actions. According to the tool's documentation, these are some of Weeping Angel's capabilities:
Weeping Angel transforms smart TV into listening bug
The last line in the list above refers to the tool's audio collection capabilities. According to leaked documents, Weeping Angel comes with a fake "Off mode" which turns off the On/Off LED but keeps the TV running.
This allows Weeping Angel to collect data via the smart TV's built-in microphone, used normally to power the device's voice recognition feature. All audio data is logged and sent to a remote server via the smart TV's Internet connection.
The earliest timestamp mentioned in the leaked documents reveal the tool was being under active development on June 16, 2014, when MI5 experts helped add new feature and improve others (including the fake Off mode).
The documents also include a list named "ToDo / Future Work," containing features the agency wanted its developers to create.
Another list detailed bugs and limitations that agents should take into consideration when deploying the tool.
The only Samsung smart TV model mentioned in the documents is Samsung F800. Other smart TV series (presumbly the Fxxxx line) are most likely affected as well.
The documents reveal CIA operatives tested the tool on firmware versions 1111, 1112, and 1116, while firmware 1118 removed the USB installation method.
Wikileaks said it came into possession of the CIA hacking tools from government contractors and hackers. It is unknown when the documents were stolen, but it's very likely the CIA upgraded Weeping Angel since 2014 with new features and support for newer firmware versions.
In February 2015, Samsung warned customers that its smart TV may accidentally collect private conversations via its voice recognition feature.