Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security Government Privacy United States Hardware Technology

WikiLeaks Reveals CIA Tool For Hacking Webcams, Microphones (thestack.com) 107

An anonymous reader quotes a report from The Stack: WikiLeaks has released a new set of documents in the CIA Vault 7 leak, outlining the "Dumbo" hacking tool which allows control of webcams and microphones. The release explains that the tool is capable of completely suspending processes on webcams and corrupting video recordings. Dumbo's is tasked specifically with gaining and exploiting physical access to target computers used in CIA field operations, the release notes. According to WikiLeaks, the tool allows for the identification, control and manipulation of monitoring and detection systems, such as webcams and microphones, running the Microsoft Windows operating system. The technology first identifies all installed devices, whether they are connected locally, wirelessly, or across wired networks. Once Dumbo has detected all of these devices, it identifies all the related processes, which may include recording, monitoring or detection of video, audio and network streams. These operations can then be suspended by the operator. "By deleting or manipulating recordings the operator is aided in creating fake or destroying actual evidence of the intrusion operation," the release added. Dumbo does require direct access to the target computer and is run from a USB stick. The release states that it supports 32bit Windows XP, Windows Vista, and newer versions of Windows operating system. However, 64bit Windows XP and Windows versions prior to XP are not supported.
This discussion has been archived. No new comments can be posted.

WikiLeaks Reveals CIA Tool For Hacking Webcams, Microphones

Comments Filter:
  • by bit trollent ( 824666 ) on Thursday August 03, 2017 @04:25PM (#54936465) Homepage

    Interesting that Wikileaks is publicizing CIA documents while leaving their master Vladimir Putin, and his puppet Donald Trump unscathed.

    What - the FSB doesn't hack webcams?

    And of course, Wikileaks and Donald Trump are the only ones pretending that their puppet master Vladimir Putin didn't meddle in the US election.

    Ok - fine I'm shocked that the American spy agency has hacking capabilities... I mean, how else would we know that our "President" committed treason, aside from observing his complete subservience to Vladimir Putin and Russia's interests.

    • by jodido ( 1052890 )
      You mean like signing the Russia sanctions bill?
      • Yeah, I mean like signing the Russia sanctions bill while opposing it, and making clear that he doesn't intend to enforce it.

        Trump only criticized the congress in his signing statement, not Russia who attack our country.

        Donald Trump is committing treason on a public and vast scale every day.

    • by Anonymous Coward

      > Interesting that Wikileaks is publicizing CIA documents while leaving their master Vladimir Putin, and his puppet Donald Trump unscathed.

      Wikileaks isn't a hacker organization, they can only leak things which people send to them which they can verify. Have you sent them any FSB docs lately?

    • What - the FSB doesn't hack webcams?

      Who cares about Russia? That's been a lost cause for centuries. Save what you can save. Also, whataboutism.

    • Title is ironic.
      The parent post treats wikileaks as a ultimate, exclusive holders of all spy knowledge in the world, like it was given to them same god teleported stone plates to Moses while nobody was looking, or whatever.

      So wikileaks is now sitting on all that data given by god and other supernatural forces, and choosing not to publish FSB capabilities of hacking cameras and other crap.

      Are you fucking kidding me right now ?

      If there were documents floating around about FSB hacking cameras (as I'm sure they

    • by gl4ss ( 559668 )

      because they don't have info on them or because fsb shit is plastered on the media already when it surfaces?

      because really it is. maybe not in the states but in other places it is.. fsb torture hotel etc - and also the suppression of said news inside russia is reported.

      you would know if you cared.

      however this tool.. eh.. a local program that scans for x processes and local mp4 files and kills them if it is run locally.

      super lame but I can see the PITCH that got them to pay money from this. btw the DUM

    • oh yeah
    • Calling assange a rapist apparently got old for you guys, huh? The last several years of disinfo shilling still failed to make people ignore wikileaks.
  • eh (Score:5, Informative)

    by butchersong ( 1222796 ) on Thursday August 03, 2017 @04:29PM (#54936485)
    This doesn't seem terribly impressive. Local access required.. look at devices, suspend processes?
    • by Anonymous Coward

      The two possibilities are:

      The NSA, despite all its supposed math/crypto geniuses and elite computer programmers/hackers is actually a bunch of inept academics targetting the lowest common denominator of exploits and security systems.

      Or...

      The NSA has allowed this information to be released to help cover up for their ACTUAL level of technical adeptness, a large percentage of which is tied to TrustZone, Intel ME, and AMD PSP, allowing them these same levels of bypasses, but without being tied to a specific ope

      • by Anonymous Coward

        Or...

        They simply have agents working on assembly lines or in QA at computer manufacturers.

    • by AHuxley ( 892839 )
      MI6 and the CIA often has real humans to sneak in a USB stick. No changes on a trusted internal network.
      Data is collected and later collected by a human again.
      The other person, brand or nation still think their advanced firewall and internal network is totally secure.
      Different support for the different styles of the clandestine services. Some need network access, some has the human support role.
      Some network tools and AV products are getting too smart and report any and all changes.
      Local access is o
  • by 110010001000 ( 697113 ) on Thursday August 03, 2017 @04:31PM (#54936519) Homepage Journal
    General purpose computers are insecure by design. They are meant to run software and software can be programmed to do anything. If you put anything of value on a general purpose computer you are foolish.
    • by gl4ss ( 559668 )

      and if you're buying something that is a fucking bat file on an usb stick as a spy tool on 10000% markup then..

      look, this isn't that great of a tool, ground breaking or novel or anything like that. it's hollywood inspired and it has a singular actual purpose: to make whoever sold it to them money.

      what it would BETTER be doing would be to load up on the computer and look on the network chinese dvr boxes and hack them. because THAT IS ACTUALLY HOW 99% OF ALL SECURITY CAMS OPERATE NOWADAYS. nobody in the count

  • Distraction efforts (Score:5, Interesting)

    by Smidge204 ( 605297 ) on Thursday August 03, 2017 @04:58PM (#54936667) Journal

    Mueller put together a grand jury for the ongoing Russia investigations. Later that same day, Wikileaks releases more dirt on the CIA.

    Honestly, how can anyone NOT at least suspect Wikileaks from being under Russia control at this point?
    =Smidge=

  • by Gravis Zero ( 934156 ) on Thursday August 03, 2017 @05:33PM (#54936861)

    it supports 32bit Windows XP, Windows Vista, and newer versions of Windows operating system. However, 64bit Windows XP and Windows versions prior to XP are not supported.

    We wrote all those lame webcam drivers but nooOOOOoo, not even the CIA will support Linux! >:(

  • by ToTheStars ( 4807725 ) on Thursday August 03, 2017 @05:47PM (#54936941)
    "However, 64bit Windows XP and Windows versions prior to XP are not supported." -- Of course, the same is true of most legitimate applications as well...
  • "64bit Windows XP and Windows versions prior to XP are not supported."

    Okay, This malware is known to work on Windows 2K3 Server - this should work on 64-bit XP by extension since it's almost-entirely the exact same codebase and kernel and driver model.

    This malware works on Windows XP 32-bit, which means that likely Windows 2000 is equally vulnerable as XP uses the Win2K Kernel and codebase (in fact they were both affected by almost all the exact same attacks. Anyone remember BLASTER?)

    This does not pass the

  • Freedom is obsolete - big brother is always watching. But we've all known this for more than a decade, right?

  • The pro-war shills are out in force today! One of the alphabet soup agencies must have signed a new contract for domestic disinformation propaganda.

    I wonder which information warfare mercenary company is running this sordid operation? I don't doubt it's "lawful", so we can't call them traitors or criminals. But it sure as fuck is unamerican.

    A message to the footsoldiers of this 50 Cent Army: blow the whistle! Let the public know how domestic media are being targeted by MIC contractors. Sunlight is a great

  • by sabbede ( 2678435 ) on Friday August 04, 2017 @07:33AM (#54939457)
    As in, "my boss is doing something wrong and the people need to know." Not for releasing the tools used by the CIA. What public benefit could there possibly be to putting the contents of James Bond's pockets on display? So far, I've only seen massive harm as malicious actors take these leaked tools and turn them into ransomware. Who should be sued for NotPetya, a Ukrainian firm that got hit, or Wikileaks for handing these exploits to the people who use them to hurt everyone?
  • I get that we all want the cheapest stuff, but it's seeming more and more obvious that there's a real need for hardwired LEDs adjacent to the recording devices on things. Hack all you want, but if power to the mic means power to the light, there is an indicator that it's being used. And while it's possible for a spy organization to crack a device open, wire the light up differently, and embed system hooks to turn it on only when legitimate programs are open and not their spy stuff, that's a very heavy lift

Technology is dominated by those who manage what they do not understand.

Working...