Thousands of documents said to be from the CIA’s Center for Cyber Intelligence, a senior elite hacking unit within the US intelligence agency, have been leaked.
The documents, released Tuesday by the website WikiLeaks, could not be immediately verified, but as the Associated Press noted, the website has a long track record of releasing classified government documents.
WikiLeaks said that the documents span 2013 to the end of 2016.
If the documents are proven to be genuine, this would mark yet another startling breach at US intelligence in recent years, following the revelations by Edward Snowden.
Many of the files reference an elite software unit, dubbed the Engineering Development Group, which builds and tests “backdoors, exploits, malicious payloads, trojans, viruses and any other kind of malware used by the CIA in its covert operations worldwide,” according to the leak site’s analysis.
In total, the hacking group is said to have developed “more than a thousand” exploits for iPhones, iPads, and a range of Android devices, aimed at countering security measures and encryption apps.
These exploits can collect a user’s location, audio and text messages, and silently activate the device’s camera and microphone.
One of the files, labeled “secret” and not for sharing outside the US intelligence community, appears to detail acronyms and terms used by various agencies tasked with building vulnerabilities for iPhones and iPads. Another document shows dozens of working exploits that US agencies, including the FBI, can use to conduct surveillance and intelligence gathering on Apple users.
Other files, some classified as “top secret,” detail sensitive reflashing procedures for modern iPhones, which allow the cyber unit to configure devices to a particular operating system and setting, in order to carry out “exploits and implants for high priority target cell phones for intelligence collection.”
Some of the vulnerabilities appear to be as recent as iOS 9, released in late 2015.
The CIA claimed at the end of 2016 to have 24 zero-days for Android phones and devices, developed by its own staff or obtained by third-parties.
In some cases, exploits have been “purchased” by the NSA and shared with the CIA and British intelligence counterpart GCHQ.
However, it’s not believed that the exploit code have been released as part of the publication, unlike similar data breaches.
Many of the other exploits include Windows desktop and server operating systems, Macs, Linux machines, and other major enterprise software, such as VMware.
Tony Robinson, a former staffer with Tailored Access Operations, the NSA’s hacking unit, called the leaks “disconcerting” in a tweet.
“The bigger problem is that this exposes more of our tradecraft. The cards are on the table,” he said.
A CIA spokesperson said: “We do not comment on the authenticity or content of purported intelligence documents.”
A spokesperson for the Office of Director of National Intelligence could not be immediately reached for comment.
