On Tuesday, WikiLeaks' official Twitter account released the file known as Vault 7, with a passcode to be released later that day. Once the password was released, thousands on the internet began to peruse the contents of the mysterious Vault 7, only to find inside secret information about the CIA. This article provides a list of the information collected in the leak. Please note that all information contained in this article comes from WikiLeaks and WikiLeaks only.

What is contained in the leak?

  • The first major point inside the vault is that, according to the files within it, the CIA can create a digital fingerprint that can be used by forensic investigators to attribute multiple different attacks to the same entity. The CIA's Remote Devices Branch's UMBRAGE group collects and maintains a substantial library of attack techniques stolen from malware produced in other states such as the Russian Federation. With UMBRAGE the CIA can not only increase its total number of attack types but also misdirect attribution by leaving behind the fingerprints of the groups that the attack techniques were stolen from.
  • CIA malware targets iPhone, Android, and smart TVs
  • Year Zero documents show that the CIA breached the Obama administration's commitments. Many of the vulnerabilities used in the CIA's cyber arsenal are pervasive, and some may already have been found by rival intelligence agencies or cyber criminals.
  • CIA hackers operating out of the Frankfurt consulate (Center for Cyber Intelligence Europe, or CCIE) are given diplomatic passports and State Department cover. The instructions for incoming CIA hackers make Germany's counterintelligence efforts appear inconsequential.

What is vulnerable?

  • The CIA lost control of the majority of its hacking arsenal, including malware, viruses, trojans, weaponized zero-day exploits, malware remote control systems and associated documentation. This collection contains over seven hundred million lines of code and gives its possessor the entire hacking capacity of the CIA. The archive appears to have circulated among former US government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.
  • Notepad++ has a DLL hijack which would allow the CIA to see what is typed into the program.
  • The CIA made its weaponized malware, listening posts, and command and control systems unclassified.
  • As of October 2014, the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks. The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations.
  • Every microphone and camera-equipped device is hackable and remotely controllable
  • The CIA are permitted to bypass the encryption of instant messaging applications such as WhatsApp, by hacking the smartphones that they run on and collecting audio and message traffic before encryption is applied
  • The CIA uses a program called Rainmaker to spy on colleagues by disguising a data collection tool as media. The hacker determines what data the program is to collect and instructs the VLC media player to do so. The media is then put on a flash drive and handed off to the target. The target opens the media on their computer and watches it through the VLC media player. While they are watching, the data is being collected in the background. Once the VLC media player closes, the data collection stops and no traces are left behind on the target computer. The target returns the media to the hacker and the data can be processed.
  • The zero days referenced above are exploits that are found by the US government and kept secret from manufacturers. They have the ability to tap into Apple, Android, Windows, Mac, Linux and many other operating systems. The one which I find most interesting is smart TVs. These devices go into a fake off mode, which shows that the TV is powered off, but in reality they are constantly recording, and these recordings are sent to the CIA.