The latest revelation includes a user guide for CIA’s “Weeping Angel” tool. It was a part of the first lot of CIA hacking tools released by Wikileaks in March.
Weeping Angel is derived from another tool called “Extending” which belongs to UK’s intelligence agency MI5/BTSS, according to Wikileaks.
Extending takes control of Samsung F Series Smart TV. The highly detailed user guide describes it as an implant “designed to record audio from the built-in microphone and egress or store the data.”
According to the user guide, the malware can be deployed on a TV via a USB stick after configuring it on a Linux system. It is possible to transfer the recorded audio files through the USB stick or by setting up a WiFi hotspot near the TV. Also, a Live Liston Tool, running on a Windows OS, can be used to listen to audio exfiltration in real-time.
Wikileaks mentioned that the two agencies, CIA and MI5/BTSS made collaborative efforts to create Weeping Angel during their Joint Development Workshops. According to a CNET report, these workshops were held sometime around June 2014.
It’s already known that physical access is required for the malware to be deployed. The firmware updates made in 2014 prevents the TVs from being hacked over the internet.
CIA was able to compromise firmware versions 1111, 1112, and 1116. They managed to implement a “Fake Off” mode to deceive users into believing that the TV is turned off while they secretly record conversations. However, they weren’t able to deduce a method to turn off the blue light on the backside of the TV or the Samsung logo that might help the user sense something fishy.
However, they weren’t able to deduce a method to turn off the blue light on the backside of the TV or the Samsung logo that might help the user sense something fishy.