The whistle-blowing site WikiLeaks has published a user guide for CIA's "Weeping Angel" tool which had been based on a MI5/BTSS tool.
The user guide is part of the new 'Vault-7' batch which sheds light on MI5/CIA's classified smart TV malware bug manual.
The "Weeping Angel" tool is an implant designed for Samsung F Series Smart TVs. Reports from WikiLeaks press release indicate that it is designed to record audio from the built-in microphone and egress or store the data.
The whistle-blowing site indicates that the classification marks of the User Guide document hint that was originally written by the MI5/BTSS and later shared with the CIA. The further development of the malware was coordinated by both agencies as they collaborated in the Joint Development Workshops.
On the 7th of March, the site released the first part of what it called an unprecedentedly large archive of CIA-related classified documents.
A press release from WikiLeaks indicated that a large archive comprising various viruses, malware, software vulnerability hacks and relevant documentation, was uncovered by US government hackers, which is how WikiLeaks gained access to some of the data from the trove.
The Year Zero batch release was followed by the Dark Matter which was released on the 23rd of Match. The third batch was called Marble which was released on 31st of March. The Grasshopper batch which was revealing a platform for building malware was released on April 4. The HIVE batch revealing top secret CIA virus control system was released on April 14.
The first batch of WikiLeaks' CIA revelations shed light on a technology allowing to turn on a Samsung smart TV set's audio recording capabilities remotely which had been designed by the CIA and the UK Security Service MI5.
The Weeping Angel Extension on engineering notes constitutes the secret release of accomplishments made in the joint workshop with MI5/BTSS. The workshop is reported to have taken place on the 16th of Jun, 2014.
WikiLeaks has revealed that the joint workshop discovered that delete and download keyfiles are sensitive to any newline characters. It also found configuration file and setting that would manage automatic updates.
The workshop also found ways of adding features to periodically re-acquire alsa audio device while in Fake-Off mode, the CIA also established a way to suppress LEDs to improve look of Fake-Off mode.
The TinyShell was also modified and ported so as to provide shell, command execution, file transfer. The version is known as pshell since it's shell functionality is really a wrapper around popen() calls to emulate shell-like functionality. The workshop also received sanitized source code from UK with comms and encryption removed.