Back in March, WikiLeaks published a report of CIA hacking secrets, including the agency's ability to break into iPhones, Android phones, smart TVs, and Microsoft, Mac and Linux operating systems. Now WikiLeaks has published the 16th batch of its ongoing Vault 7 leak. This time, WikiLeaks has unveiled how CIA agents steal data from hacked smartphones and forward it.
Here Is How CIA Agents Steal Data from Your Hacked Smartphones
To steal data from compromised phones, the CIA introduced an app called HighRise. Initially, the app worked only on Android devices. Malware generally uses the internet connection of a hacked machine to send stolen data to an attacker-controlled server, but this app is specifically designed to work without an internet connection.
WikiLeaks said about this new leak:
HighRise is an Android application designed for mobile devices running Android 4.0 to 4.3. It provides a redirector function for SMS messaging that could be used by a number of IOC tools that use SMS messages for communication between implants and listening posts.
The CIA developed this app back in 2013, but only for the Android operating system. The latest update now also works for iOS users.
How Does the HighRise App Work?
HighRise acts as an SMS proxy that provides greater separation between devices in the field. It also acts like a listening post (LP) by proxying "incoming" and "outgoing" SMS messages to an internet LP. HighRise provides a communications channel between the HighRise field operator and the LP over a TLS/SSL-secured internet connection.
Once installed, the app prompts for a password, which is “inshallah,” and after login, it displays three options:
- Initialize — to run the service.
- Show/Edit configuration — to configure basic settings, including the listening post server URL, which must be using HTTPS.
- Send Message — allows the CIA operative to manually (and optionally) submit short messages (remarks) to the listening post server.
After activation, the app runs continuously in the background and monitors incoming messages from compromised devices. It forwards every received message to the CIA's listening post server over a TLS/SSL-secured internet communication channel.