WikiLeaks Vault 7: Encrypted Apps Like Signal, Telegram, WhatsApp Not So Secure

(Twitter/WikiLeaks)

WikiLeaks released Vault 7 today, which is a huge trove of information about the CIA’s global hacking program. A big element that emerged from the release is that encrypted apps, largely touted for their privacy, can actually be bypassed by the CIA. These include Signal, Telegram, and WhatsApp, which may not be as secure as their users are hoping.

Here’s what you need to know.

The CIA’s covert hacking division, which according to WikiLeaks was the CIA’s own personal “NSA,” had found a way to bypass vastly popular end-to-end encryption apps used on phones to prevent hacking and spying. This was accomplished by hacking the smartphone first. The code would run in the background and collect audio and text message traffic before encryption was applied through the apps.

So this means that apps like WhatsApp, Signal, and Telegram — hugely popular because of their security features — were vulnerable. People using these apps could still be spied on if their phones had been hacked.

Here’s a quote from WikiLeaks about this:

By the end of 2016, the CIA’s hacking division, which formally falls under the agency’s Center for Cyber Intelligence (CCI), had over 5,000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other ‘weaponized’ malware. Such is the scale of the CIA’s undertaking that by 2016, its hackers had utilized more code than that used to run Facebook. The CIA had created, in effect, its ‘own NSA’ with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified. In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.”

WikiLeaks continued:

These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by hacking the ‘smart’ phones that they run on and collecting audio and message traffic before encryption is applied.”

Essentially, it’s not the apps themselves that are hacked. But the CIA found a way around the apps in order to bypass their popular end-to-end encryption feature. The phones had to be hacked first before this encryption could be bypassed. They’re hacked using malware and hacking tools developed by EDG (Engineering Development Group) within the CIA’s Center for Cyber Intelligence, WikiLeaks explained. EDG develops and tests all backdoor exploits. Phones that are infected and can, thus, bypass these encrypted apps can also send to the CIA the user’s geolocation, audio, and text communications and covertly activate the phone’s camera and mic. Both iPhone and Android phones have been targeted.

In other words, once your phone is compromised, and end-to-end encryption app is no longer of any help.

Find out more about Vault 7 in our story below:

5 Comments

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

5 Comments

blacksteelblog

Crazy I have met a lot of fraudsters claiming to be hackers but kept ripping me off money, not until I met one off the darkweb who brought me out of my mystery and reuniting my wife back to me. I have forgiven her for all her disloyalty and atrocities he did in the past. Why not tell your situation to this hacker, he just might be your savior also. Besides I guess he does other hacking services (grades change, phone cloning, emails hacking and so on). Mail steelbreaker at techie dot com

Enrique Cameroon

Vault 7 released on the 7th after 7 clues (i thought)- (you mention 6 but that does jive with the 777 code here- triple 7s represent completion which could mean thwarting the attempt global nwo agenda- could mean all the pieces are in place to undermine America in order to intact the nwo by provoking the freedumb living citizens of this memory of great and beautiful idea that is America or merely the completetion of their role in exposing the deep dangerous shadow world of our government and now it’s in our hands to mold a future vision of America after drawing the poison from the deceptive wounds inflicted on our dearest lady liberty- finally the triple 7 having deep occult meaning could be a final move to forever damage the trust between America and her people while encouraging each and everyone to seek a personal moldable private secluded and ultimately lonely path to enlightenment- the government’s next move to counter this practically KO move in the war of information will be “aliens” watch and learn my friends… ✌ remember peace before panic when shut hits the fan 💫 🔮♾☮☯☿♎⚖♹✴

Discuss on Facebook