WikiLeaks published today notes on what it alleges are a large set of CIA hacking tools. Among the dump was a tool developed by the CIA and MI5 that attempted to turn certain Samsung smart TVs into remote listening and monitoring devices. It’s called Weeping Angel. Because of Doctor Who. The exploit only targeted certain Samsung TVs, though if this tool exists, there are likely more hacks for other smart TVs.
If implemented, Weeping Angel was able to extract browser and WPA/Wi-Fi credentials and history. It could also make the TV look off while the tool kept it in a deep standby mode, listening and waiting. According to the file uploaded by WikiLeaks, CIA and MI5 developers were interested in enabling streaming audio, video captures and exploiting Samsung’s remote support function.
The exploit noted here targeted Samsung’s F8000 series of smart TVs. This TV was released in 2013 and was Samsung’s flagship line for the year. The documents revealed by WikiLeaks show the CIA and MI5 held a joint workshop to work on this hack in June of 2014.
This is yet another example of the dangers of IoT devices. Turning off Wi-Fi might not be enough to safeguard a person’s privacy.
A study published in 2016 found that intelligence agencies have new ways to implement surveillance, and one way is to use connected devices such as smart TVs and connected thermostats. Early last month Vizio settled charges in a case that alleged it used automated content recognition to learn what owners of Vizio TVs were watching.
The best way to keep a smart TV from surveilling a household is to not connect it to the internet from the moment it’s taken out of the box. Of course by doing so, a person is disregarding the smart features built into the TV. Instead, an owner could use an Apple TV or Roku device for smart features — though Amazon just today showed it is willing to turn Echo user data over to the courts, so the Fire TV might not be a good bet.
As for existing smart TVs, switching off Wi-Fi might not be enough. Developer notes for the aforementioned Samsung exploit show that the CIA was exploring keeping the Wi-Fi on while the TV was in a faked-off mode. It’s logical that other exploits could even ghost the Wi-Fi switch, making it appear the user switched off the wireless networking while it’s actually still active.
TechCrunch is still digging into the latest WikiLeaks data dump. More as we get it here.