scorecardresearch Skip to main content

WikiLeaks reveals CIA files describing hacking tools

WikiLeaks has posted thousands of files purportedly revealing secret cyber tools used by the CIA to convert cellphones, televisions, and other ordinary devices into implements of espionage.Doug Mills/New York Times/File

WASHINGTON — A vast portion of the CIA’s computer hacking arsenal appeared to have been exposed Tuesday by the antisecrecy organization WikiLeaks, which posted thousands of files revealing secret cyber tools used by the agency to convert cellphones, televisions, and other ordinary devices into implements of espionage.

The trove appeared to lay bare the design and capabilities of some of the US intelligence community’s most closely guarded cyber weapons, a breach that will probably cause immediate damage to the CIA’s efforts to gather intelligence overseas and place new strain on the US government’s relationship with Silicon Valley giants including Apple and Google.


WikiLeaks, which claimed to have gotten the files from a former CIA contractor, touted the trove as comparable in scale and significance to the collection of National Security Agency documents exposed by former US intelligence contractor Edward Snowden.

But while the Snowden files revealed massive surveillance programs that gathered data on millions of Americans, the CIA documents posted so far by WikiLeaks appear mainly to unmask hacking methods that many experts already assumed the agency had developed.

US intelligence officials and experts said that details contained in the documents suggest that they are legitimate, although that could not be independently verified, raising new worries about the US government’s ability to safeguard its secrets in an era of cascading leaks of classified data.

The files mention pieces of malware with names like ‘‘Assassin’’ and ‘‘Medusa’’ that seem drawn from a spy film, describing tools that the CIA uses to steal data from iPhones, seize control of Microsoft-powered computers, or even make Internet-connected Samsung television sets secretly function as microphones.

The release of so many sensitive files appeared to catch the CIA, White House, and other government entities off-guard. A CIA spokesman would say only that ‘‘we do not comment on the authenticity of purported intelligence documents.’’


In a statement, WikiLeaks indicated that the initial stockpile it put online was part of a broader collection of nearly 9,000 files that would be posted over time describing code developed in secret by the CIA to steal data. WikiLeaks said it redacted lists of CIA surveillance targets, though it said they included targets and machines in Latin America, Europe, and the United States.

The release was described by security experts and former US intelligence officials as a huge loss to the CIA. ‘‘It looks like really the backbone of their network exploitation kit,’’ said a former hacker who worked for the National Security Agency and, like others, spoke on the condition of anonymity, citing the sensitivity of the subject.

The breach could undermine the CIA’s ability to carry out key parts of its mission, from targeting the Islamic State and other terrorist networks to penetrating the computer defenses of sophisticated cyber adversaries including Russia, China, and Iran, former officials and tech specialists said.

‘‘Any exposure of these tools is going to cause grave if not irreparable damage to the ability of our intelligence agencies to conduct our mission,’’ a former senior US intelligence official said.

If legitimate, the release represents the latest major breach of sensitive US government data to be put on global display in humiliating fashion by WikiLeaks, which came to prominence in 2010 with the exposure of thousands of classified US diplomatic cables and military files. WikiLeaks founder Julian Assange has engaged in an escalating feud with the United States while taking refuge at the Ecuadoran Embassy in London from Swedish sexual assault allegations.


WikiLeaks’s latest assault on US secrets may pose an early, potentially awkward security issue for President Trump, who has repeatedly praised WikiLeaks and disparaged the CIA.

Trump declared ‘‘I love WikiLeaks’’ last October during a campaign rally when he read from a trove of stolen e-mails about his Democratic opponent, Hillary Clinton, that had been posted to the organization’s website.

White House press secretary Sean Spicer declined to comment when asked about the CIA breach Tuesday.

WikiLeaks indicated that it obtained the files from a current or former CIA contractor, saying that ‘‘the archive appears to have been circulated among former US government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.’’

But the counterintelligence investigation underway at the CIA is also likely to search for clues to whether Russia had any role in the theft of the agency’s digital arsenal. US intelligence officials allege that WikiLeaks has ties to Russian intelligence services. The website posted thousands of e-mails stolen from Democratic Party computer networks during the 2016 presidential campaign, files that US intelligence agencies concluded were obtained and turned over to WikiLeaks as part of a cyber campaign orchestrated by the Kremlin.

Experts said the files appeared to be authentic in part because they refer to code names and capabilities known to have been developed by the CIA’s cyber branch.