Your Samsung Smart TVs may have been turned into a CIA listening device, according to documents published by WikiLeaks yesterday.
The attack, which seems to require physical access to the TV and an infected USB drive, enables a “Fake-Off mode” that allows the microphone to be accessed remotely even after the TV has been seemingly turned off. The malware also suppresses the TV’s LED lights, removing any suspicion that the device is still active.
Weeping Angel can also reportedly extract usernames, passwords and Wi-Fi keys – allowing access to the target’s network and other connected devices.
“The tool appears to be under active development,” security researcher Matthew Hickey told Forbes. “The capabilities it boasts cannot currently capture video, according to the leaked docs. But that is a goal of the project. It can record audio but it does not stream it in real-time to the CIA. Instead it copies it off the TV as files.”
The malware called “Weeping Angel” is said to have been developed by the CIA about three years ago in collaboration with Britain’s internal spy agency MI5.
Hickey also stated that Weeping Angel may be neutralized if the target updates their TV’s firmware since the malware is designed specifically for versions below 1118. …
[But] the CIA can also use a feature known as “prevent updates” to stop a device from removing the malware. While a factory reset code can bring the TV back to its original state, most users are unlikely to closely monitor their firmware version.
Security researchers have long warned about vulnerabilities with not only Samsung TVs but with IoT (Internet of Things) devices in general.
In a 2012 Wired article, entitled, CIA Chief: We’ll Spy on You Through Your Dishwasher, then-CIA Director David Petraeus heralded emerging technologies in relation to espionage. “‘Transformational’ is an overused word, but I do believe it properly applies to these technologies,” Petraeus said, “particularly to their effect on clandestine tradecraft.”
As reported by Infowars in 2012, security firm ReVuln discovered similar issues that allowed a Samsung TV’s microphone and camera to be accessed.
“It could give an attacker the ability to access any file available on the remote device, as well as external devices (such as USB drives) connected to the TV,” Security Ledger reported at the time. “And, in an Orwellian twist, the hole could be used to access cameras and microphones attached to the Smart TVs, giving remote attacker the ability to spy on those viewing a compromised set.”
While the vast majority of smart TV users are not going to have their devices physically targeted by CIA, Samsung has admitted in its own terms of service that a user’s personal conversations can be recorded and transmitted to third parties – creating a larger attack surface for the private data.
“Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition,” the policy stated.
An “Orwellian twist?” This story is pure Orwell. Spying on private lives by the state through TV screens as such was prophesied in his novel Nineteen Eighty-Four:
[Winston Smith] thought of the telescreen with its never-sleeping ear. They could spy upon you night and day, but if you kept our head you could still outwit them. With all their cleverness they had never mastered the secret of finding out what another human being was thinking.
Winston Smith discovers he is wrong about that. His thoughts get not only found out but changed, by torture and terror, to those the state – “Big Brother” – wants him to have. Remember the horrifying last words of the novel?
He loved Big Brother.
Who has allowed America to become a Big Brother’s state? Whose idea was it? Why?
And what are Americans going to do about it?
Where’s the outrage?