-WikiLeaks
among former U.S. government hackers and contractors in an unauthorized manner,
one of whom has provided WikiLeaks with portions of the archive.
"Year Zero" introduces the scope and direction of the CIA's global covert hacking
program, its malware arsenal and dozens of "zero day" weaponized exploits against
a wide range of U.S. and European company products, including Apple's iPhone,
Google's Android and Microsoft's Windows and even Samsung TVs, which are
turned into covert microphones.
-WikiLeaks
CIA malware targets iPhone, Android, smart TVs
CIA malware and hacking tools are built by EDG (Engineering Development Group),
a software development group within CCI (Center for Cyber Intelligence), a
department belonging to the CIA's DDI (Directorate for Digital Innovation). The DDI is
one of the five major directorates of the CIA (see this organizational chart of the CIA
for more details).
The EDG is responsible for the development, testing and operational support of all
backdoors, exploits, malicious payloads, trojans, viruses and any other kind of
malware used by the CIA in its covert operations world-wide.
The increasing sophistication of surveillance techniques has drawn comparisons with
George Orwell's 1984, but "Weeping Angel", developed by the CIA's Embedded
Devices Branch (EDB), which infests smart TVs, transforming them into covert
microphones, is surely its most emblematic realization.
-WikiLeaks
CIA malware targets Windows, OSx, Linux, routers
The CIA also runs a very substantial effort to infect and control Microsoft Windows
users with its malware. This includes multiple local and remote weaponized "zero
days", air gap jumping viruses such as "Hammer Drill" which infects software
distributed on CD/DVDs, infectors for removable media such as USBs, systems
to hide data in images or in covert disk areas ("Brutal Kangaroo") and to keep its
malware infestations going.
Many of these infection efforts are pulled together by the CIA's Automated Implant
Branch (AIB), which has developed several attack systems for automated infestation
and control of CIA malware, such as "Assassin" and "Medusa".
Attacks against Internet infrastructure and webservers are developed by the
CIA's Network Devices Branch (NDB).
The CIA has developed automated multi-platform malware attack and control
systems covering Windows, Mac OS X, Solaris, Linux and more, such as EDB's
"HIVE" and the related "Cutthroat" and "Swindle" tools, which are described in the
examples section below.
CIA 'hoarded' vulnerabilities ("zero days")
In the wake of Edward Snowden's leaks about the NSA, the U.S. technology industry
secured a commitment from the Obama administration that the executive would