According to yesterday’s massive Wikileaks info dump, Samsung smart TVs are reportedly susceptible to CIA hacks. Yeah, it’s some real life Jason Bourne stuff.
If the Wikileaks-hosted files are to be believed, the CIA has a TV malware program called Weeping Angel that may have been created during a collaboration with the agency’s British counterparts, MI5, back in 2014. The program would run like a normal TV App (think YouTube), but would also capture audio in the background (not video). It can also recover the WiFi keys used by the TV to later gain access to WiFi networks and any username/passwords stored on the TV browser.
“The tool appears to be under active development. The capabilities it boasts cannot currently capture video, according to the leaked docs,” Matthew Hickey, a security researcher and co-founder of Hacker House, said. “But that is a goal of the project. It can record audio but it does not stream it in real-time to the CIA. Instead it copies it off the TV as files.”
How do you protect yourself from ‘Weeping Angel’ hack?
Hickey said updating the TV could disrupt the CIA’s surveillance, as no evidence suggests that the Weeping Malware runs on the latest firmware. As noted in one of Wikileaks’ files: “Updating firmware over internet may remove implant (not tested) or portions of the implant…Firmware version 1118+ eliminated the current USB installation method.”
Having said that, the same engineering notes includes a feature to “prevent updates,” meaning the CIA may have found a way to stop the Samsung device from updating automatically. Again, this all unconfirmed at the moment.
This is not the first time the Samsung Smart TV security features have come under fire. The FBI had previously successfully searched the Samsung TV of a suspect as part of an investigation into child sex abuse material, according to Forbes. In 2015, Samsung was suspected of sharing conversations recorded by the TV with third parties.
Whatever the case may be, remember to stay woke, my friends.