WikiLeaks Vault 7: Samsung Smart TVs Recorded Conversations While Turned Off

(Twitter/WikiLeaks)

WikiLeaks released Vault 7 today, which is a huge trove of information about the CIA’s global hacking program. A big element that emerged from the release is the hacking of Samsung Smart TVs (and likely other smart TVs too.) However, this really shouldn’t come as much of a surprise. At one point in 2015, Samsung’s privacy policy warned people not to talk about private conversations in front of their TVs.

Here’s what you need to know.

According to WikiLeaks’ Vault 7 release, “Year Zero” exposes the CIA’s covert hacking program, including exploits against products like iPhone, Android, Windows, and Samsung TVs. The CIA has an extensive hacking division, WikiLeaks said, which is composed over over 5,000 registered users and more than a thousand hacking systems and malware. Samsung TVs are particularly vulnerable and “turned into covert microphones.”

WikiLeaks wrote:

The attack against Samsung smart TVs was developed in cooperation with the United Kingdom’s MI5/BTSS. After infestation, Weeping Angel places the target TV in a ‘Fake-Off’ mode, so that the owner falsely believes the TV is off when it is on. In ‘Fake-Off’ mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.

You can read all the files about Weeping Angel here.

Interestingly, this really shouldn’t come as a shock to the public. The CIA has been very open about its interest in hacking appliances. In fact, before Smart TVs became popular, it was known that the CIA wanted to spy on people through their appliances, according to this article by Network World. Then-CIA Director David Petraeus spoke at a CIA’s venture capital firm in 2012 and said the CIA was interested in monitoring items in the home that were connected to the Internet.

In fact, in 2015 Samsung’s SmartTV privacy policy warned people not to discuss private information in front of their TV.

The warning read:

Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition.

After criticism of the “Orwellian” TV privacy policy, Samsung edited out that policy, TechCrunch reported at the time. Samsung posted a rebuttal at the time and said that its SmartTVs “do not monitor living room conversations.” However, it appears that thanks to the CIA hack, according to WikiLeaks, they might have. But Samsung may not have been aware of this.

According to WikiLeaks’ file about the Samsung hack, the Samsung F8000 Smart TV was the one at risk. The file states that updating firmware over the Internet might remove the implant and that “Firmware version 1118+ eliminated current USB installation method.” Note: This doesn’t mean other types of Smart TVs weren’t hackable, this is just what is specifically noted in the file.

Find out more about Vault 7 in our story below: