Samsung Smart TVs have now been the subject of CIA hacks, according to Wikileaks files, as well as federal searches. Photographer: Chris Ratcliffe/Bloomberg
Amongst the many, many CIA exploits of Apple, Google and Microsoft consumer technology in today’s Wikileaks massive info dump was a particular interesting project to spy on Samsung smart TVs.
According to the Wikileaks-hosted files, CIA agents named their TV malware Weeping Angel, and appears to have been created during a joint workshop with the agency’s British counterparts, MI5. If the dumped data is legitimate, Weeping Angel runs just like a normal TV app, not unlike YouTube, but in the background, capturing audio but not video. It can, however, also recover the Wi-Fi keys the TV uses to later hack the target’s Wi-Fi network, and access any usernames and passwords stored on the TV browser, explained Matthew Hickey, a security researcher and co-founder of Hacker House, a project to encourage youngsters to get into cybersecurity. There was also a feature dubbed “Fake Off” where the TV would continue recording even when shut down.
Hickey, who reviewed the CIA notes on the project, said it appeared the malware would infiltrate the TV via a USB key, as the notes on Wikileaks indicated USB install methods were disabled in a specific firmware. He said, however, that there’s still a chance the CIA has remote infection techniques.
“The tool appears to be under active development. The capabilities it boasts cannot currently capture video, according to the leaked docs. But that is a goal of the project. It can record audio but it does not stream it in real-time to the CIA. Instead it copies it off the TV as files,” Hickey added.
He noted that the attacks would likely be limited, in that the CIA would have to be nearby to harvest the stolen data. “Effectively they install an application onto your TV through USB, they go away on their spying business and come back with a Wi-Fi hotspot later on. When the TV sees the CIA Wi-Fi, it uploads all of the captured audio it has recorded of people around the TV, even when they thought it was off.”
Protection from the CIA
Samsung hadn’t responded to a request for comment at the time of publication, and Forbes has not been able to independently verify the veracity of the claims made on Wikileaks, which released a huge batch of alleged CIA files today under the name Vault 7.
But there’s a simple way users can protect themselves, according to Hickey. He said simply updating the TV could well kill the CIA tool, and there’s not indication the CIA is able to use the Weeping Angel malware on Samsung TVs running the latest firmware above that specified, namely 1118. As noted in one leaked file: “Updating firmware over internet may remove implant (not tested) or portions of the implant… Firmware version 1118+ eliminated the current USB installation method.”
As shown in recent cases, Samsung Smart TVs have been the subject of both privacy and security concerns. Last month, Forbes revealed the FBI had successfully searched the Samsung TV of a suspect as part of an investigation into child sexual abuse material. In 2015, there was a mini furore about Samsung sharing the conversations recorded by the TV with third parties.
The Shodan search engine for connected devices has also been able to harvest information on some Samsung TVs that are exposed on the web, possibly leaving them open to hackers anywhere on the planet.
— John Matherly (@achillean) March 7, 2017
Got a tip? Email at TFox-Brewster@forbes.com or firstname.lastname@example.org for PGP mail. Get me on Signal on +447837496820 or email@example.com on Jabber for encrypted chat.