WikiLeaks docs detail UK role in developing CIA’s TV hacking malware

WikiLeaks’ latest release appears to detail the British program that helped the CIA develop malware to turn some Samsung TVs into spying devices.

WikiLeaks released the user manual for a British-made malware called “Extending” on Friday morning, the sixth round of documents allegedly stolen from a secure CIA server. Unlike past releases, the latest is only a single file and was not written by the CIA. 

In the first batch of documents, Wikileaks outlined the CIA’s “Weeping Angel” program that could force certain voice-activated Samsung smart TVs to transmit audio from their microphones to the agency – functionally turning the TVs into listening devices. The malware could make the televisions appear to be off while recording.

{mosads}The original documents discuss a joint CIA/MI5 workshop on the TV hacking program and state that MI5 loaned source code to help the CIA design its malware.

Similarities between the two programs show that the CIA’s Weeping Angel appears to have been derived from MI5’s Extending software.

Initially, it was widely misreported that Weeping Angel allowed the CIA to remotely hack certain models of Samsung televisions, creating a possible mass surveillance program. In fact, as the first Wikileaks documents stated, the malware had to be implanted by hand using a USB drive.

Extending appears to have many of the same features and limitations as Weeping Angel.

It also can make TVs appear to be off while recording and can only be used on Samsung’s 2013 F-series line of televisions. In the CIA manual for Weeping Angel, only the F8000 model was mentioned.

The British manual for Extending, dated April 2014, three months before the CIA/MI5 workshop, states that the document is classified as Secret Strap 2, meaning that even among those with British security clearances only a restricted group would be able to see it. The manual is also marked “U.K. eyes only,” which would restrict readers at that time to a British audience. 

The manual says Extending would be configured for installation on a Linux computer before implanting the malware on the TV. It could be uninstalled either by hand with a USB or by programming an expiration date. 

People worried that their TVs were infected by Weeping Angel have been advised that disconnecting the computer from a power source before plugging it back in would clear the malware from the system. 

This is the first WikiLeaks release since CNN’s reported Thursday that the U.S. government would file charges against WikiLeaks head Jullian Assange for aiding in hacking of classified systems.