CIA Hacking Tools (Android/iOS)

Recently, internal CIA documents were leaked that show exploits and tools that they could be using to wiretap devices that we use everyday. This data was uploaded to the WikiLeaks website under various different branches. The entire leak is referred to as “Vault 7” and contains many zero day exploits, malware, trojans, and viruses created by them.


The various branches include the Embedded Development Branch (EDB), Remote Development Branch, Operational Support Branch, Automated Implant Branch, Network Devices Branch, etc.

Although, there are various exploits for Windows, OSX, Linux, and Unix, this article will focus on mobile operating systems.


Adderall – A tool designed for pulling files and retrieving kernel cache

ElderPiggy – Tool that can escalate permissions, giving root/sudo access

NightVision – Reads/Records device kernel data and memory

NightSkies – iOS implant that is installed with CrunchyLimeSkies

Mcnugget – Mission Control utility specifically for iOS implants

HAMR – Framework for browser based exploits

DRBOOM – Installer for implants up to iOS 8.2


Angerquake – HAMR related plugins to run remote exploits on Android devices

Orion – Remote exploit for Android devices

Freedroid – Tool that can escalate permissions, giving root/sudo access

RoidRage – Implant/Exploit for Android devices running 5.X (Lollipop) or lower.

There are many more exploits that I have not mentioned, but these are a main few. They just go to show how our data is always at risk, not even from large scale government organizations.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s