Slashdot Mirror

← Back to Stories (view on slashdot.org)

WikiLeaks Reveals CIA Tool For Hacking Webcams, Microphones (thestack.com)

Posted by BeauHD on from the vault-7 dept.

An anonymous reader quotes a report from The Stack: WikiLeaks has released a new set of documents in the CIA Vault 7 leak, outlining the "Dumbo" hacking tool which allows control of webcams and microphones. The release explains that the tool is capable of completely suspending processes on webcams and corrupting video recordings. Dumbo's is tasked specifically with gaining and exploiting physical access to target computers used in CIA field operations, the release notes. According to WikiLeaks, the tool allows for the identification, control and manipulation of monitoring and detection systems, such as webcams and microphones, running the Microsoft Windows operating system. The technology first identifies all installed devices, whether they are connected locally, wirelessly, or across wired networks. Once Dumbo has detected all of these devices, it identifies all the related processes, which may include recording, monitoring or detection of video, audio and network streams. These operations can then be suspended by the operator. "By deleting or manipulating recordings the operator is aided in creating fake or destroying actual evidence of the intrusion operation," the release added. Dumbo does require direct access to the target computer and is run from a USB stick. The release states that it supports 32bit Windows XP, Windows Vista, and newer versions of Windows operating system. However, 64bit Windows XP and Windows versions prior to XP are not supported.

11 of 107 comments (clear)

  1. Wikileaks has no info on Trump's treason? by bit+trollent · · Score: 4, Interesting

    Interesting that Wikileaks is publicizing CIA documents while leaving their master Vladimir Putin, and his puppet Donald Trump unscathed.

    What - the FSB doesn't hack webcams?

    And of course, Wikileaks and Donald Trump are the only ones pretending that their puppet master Vladimir Putin didn't meddle in the US election.

    Ok - fine I'm shocked that the American spy agency has hacking capabilities... I mean, how else would we know that our "President" committed treason, aside from observing his complete subservience to Vladimir Putin and Russia's interests.

    1. Re:Wikileaks has no info on Trump's treason? by bit+trollent · · Score: 2

      Yeah, I mean like signing the Russia sanctions bill while opposing it, and making clear that he doesn't intend to enforce it.

      Trump only criticized the congress in his signing statement, not Russia who attack our country.

      Donald Trump is committing treason on a public and vast scale every day.

    2. Re:Wikileaks has no info on Trump's treason? by bit+trollent · · Score: 5, Informative

      Blaming "The Deep State" for catching Donald Trump blatantly committing treason is just pathetic. He sold America out to Russia, and he got caught. That's Trump's fault.

      Our security agencies are just doing their job protecting us from Russia's attacks on our country. It is not their fault that Donald Trump colludes with Russia's attacks on our country.

      It is not the job of the US government to ignore Donald Trump's obvious crimes and treasonous actions.

  2. eh by butchersong · · Score: 4, Informative

    This doesn't seem terribly impressive. Local access required.. look at devices, suspend processes?

    1. Re:eh by AHuxley · · Score: 2

      MI6 and the CIA often has real humans to sneak in a USB stick. No changes on a trusted internal network.
      Data is collected and later collected by a human again.
      The other person, brand or nation still think their advanced firewall and internal network is totally secure.
      Different support for the different styles of the clandestine services. Some need network access, some has the human support role.
      Some network tools and AV products are getting too smart and report any and all changes.
      Local access is often the best way to avoid any traces and nothing new is detected down a network.

      --
      Domestic spying is now "Benign Information Gathering"
  3. Computers are insecure by 110010001000 · · Score: 2

    General purpose computers are insecure by design. They are meant to run software and software can be programmed to do anything. If you put anything of value on a general purpose computer you are foolish.

  4. They're not a hacking org by Anonymous Coward · · Score: 3, Informative

    > Interesting that Wikileaks is publicizing CIA documents while leaving their master Vladimir Putin, and his puppet Donald Trump unscathed.

    Wikileaks isn't a hacker organization, they can only leak things which people send to them which they can verify. Have you sent them any FSB docs lately?

  5. Distraction efforts by Smidge204 · · Score: 5, Interesting

    Mueller put together a grand jury for the ongoing Russia investigations. Later that same day, Wikileaks releases more dirt on the CIA.

    Honestly, how can anyone NOT at least suspect Wikileaks from being under Russia control at this point?
    =Smidge=

  6. Such an indignity! by Gravis+Zero · · Score: 4, Funny

    it supports 32bit Windows XP, Windows Vista, and newer versions of Windows operating system. However, 64bit Windows XP and Windows versions prior to XP are not supported.

    We wrote all those lame webcam drivers but nooOOOOoo, not even the CIA will support Linux! >:(

    --
    Anons need not reply. Questions end with a question mark.
  7. Good news for all six of us still using XPx64! by ToTheStars · · Score: 3, Funny

    "However, 64bit Windows XP and Windows versions prior to XP are not supported." -- Of course, the same is true of most legitimate applications as well...

  8. I thought Wikileaks was for wrongdoing. by sabbede · · Score: 3, Insightful

    As in, "my boss is doing something wrong and the people need to know." Not for releasing the tools used by the CIA. What public benefit could there possibly be to putting the contents of James Bond's pockets on display? So far, I've only seen massive harm as malicious actors take these leaked tools and turn them into ransomware. Who should be sued for NotPetya, a Ukrainian firm that got hit, or Wikileaks for handing these exploits to the people who use them to hurt everyone?