Recently, internal CIA documents were leaked that show exploits and tools the agency could be using to wiretap devices that we use every day. This data was uploaded to the WikiLeaks website under various branches. The entire leak is referred to as “Vault 7” and contains many zero-day exploits, malware, trojans, and viruses created by the CIA.
The various branches include the Embedded Development Branch (EDB), Remote Development Branch, Operational Support Branch, Automated Implant Branch, Network Devices Branch, etc.
Although there are various exploits for Windows, OSX, Linux, and Unix, this article will focus on mobile operating systems.
Adderall – A tool designed for pulling files and retrieving kernel cache
ElderPiggy – Tool that can escalate permissions, giving root/sudo access
NightVision – Reads/Records device kernel data and memory
NightSkies – iOS implant that is installed with CrunchyLimeSkies
Mcnugget – Mission Control utility specifically for iOS implants
HAMR – Framework for browser-based exploits
DRBOOM – Installer for implants up to iOS 8.2
Angerquake – HAMR-related plugins to run remote exploits on Android devices
Orion – Remote exploit for Android devices
Freedroid – Tool that can escalate permissions, giving root/sudo access
RoidRage – Implant/Exploit for Android devices running 5.X (Lollipop) or lower
There are many more exploits that I have not mentioned, but these are a few of the main ones. They go to show how our data is always at risk, even from large-scale government organizations.