Anti-secrecy group WikiLeaks on Tuesday said it had obtained a top-secret trove of hacking tools used by the CIA to break into phones, communication apps and other electronic devices, and published confidential documents on those programs.
Among the most noteworthy WikiLeaks claims are that the Central Intelligence Agency, in partnership with other US and foreign agencies, has been able to bypass the encryption on popular messaging apps such as WhatsApp, Telegram and Signal, by hacking phones that use Google’s Android platform to collect audio and message traffic before encryption is applied.
Google declined to comment but said it was investigating the matter.
If verified, the information in the documents would amount to yet another breach of classified material stolen in recent years from US intelligence agencies. US officials said they were unaware of where WikiLeaks might have obtained the material.
Reuters could not immediately verify the contents of the published documents.
WikiLeaks, led by Julian Assange, said its publication of the documents on the hacking tools was the first in a series of releases drawing from a data set that includes several hundred million lines of code and includes the CIA’s “entire hacking capacity.”
WikiLeaks said it published the CIA documents “while avoiding the distribution of ‘armed’ cyberweapons until a consensus emerges on the technical and political nature of the CIA’s program and how such ‘weapons’ should be analyzed, disarmed and published.”
US intelligence agencies have said that Wikileaks has ties to Russia’s security services. During the 2016 US presidential campaign, Wikileaks published internal emails of top Democratic Party officials, which the US agencies said were hacked by Moscow as part of a coordinated influence campaign to help Donald Trump win the presidency.
WikiLeaks has denied ties to Russian spy agencies.
It was not immediately clear how much damage publication of the documents – should they be legitimate – might do to the spy agency’s cyber programs.
But some of the documents are dated as recently as February 2016, suggesting they describe recent cyber tools and programs.
“We do not comment on the authenticity or content of purported intelligence documents,” CIA spokesman Jonathan Liu said in a statement.
Several cyber security consultants and contractors said the documents obtained by Wikileaks, dated between 2013 and 2016, appear legitimate.
A longtime intelligence contractor with expertise in US hacking tools told Reuters the documents included correct “cover” terms describing active cyber programs.
“People on both sides of the river are furious,” he said, referring to the CIA and the eavesdropping National Security Agency based in Fort Meade, Maryland. “This is not a Snowden-type situation. This was taken over a long term and handed over to WikiLeaks.”
Beginning in 2013, former NSA contractor Edward Snowden revealed highly classified details of that agency’s surveillance programs.
“While we are still assessing the contents of the leak … the source appears legitimate,” said Brian Hein, Director of Strategic Initiatives at Flashpoint, a cyber intelligence firm.
“The files within the leak contain a number of documents that appear to be from the CIA and NSA, with information on programs to bypass encryption,” Hein said in an email.
WikiLeaks also said the documents showed CIA operatives had researched how to hack and take control of devices other than computers and smartphones connected to the Internet.
In one case, it said, US and British personnel, under a program known as Weeping Angel, had developed ways to take over a Samsung smart television, making it appear it was off when in fact it was recording conversations in the room.
This could be the latest of several breaches. In 2010, US military intelligence analyst Chelsea Manning provided more than 700,000 documents, videos, diplomatic cables and battlefield accounts to Wikileaks. President Barack Obama shortened her prison sentence in January.
Last month, former NSA contractor Harold Thomas Martin was indicted on charges of taking highly sensitive government material over a course of 20 years, storing the trove of secrets in his home.