WikiLeaks today released the manual for another CIA hacking tool in the Vault 7 series, which we talked about a few months ago. Known internally as “HighRise”, it is an Android application that intercepts SMS messages, and more.
The malware, for that is what it actually is, would only work on Android versions from 4.0 Ice Cream Sandwich to 4.3 Jelly Bean; however, since the shared document is dated December 2013, the tool may have since been updated to be compatible with later versions.
The application that contains the tool, called TideCheck, must be manually installed on the target smartphone and launched at least once using a special code (the default is “inshallah”, or “If God wants it” translated from Arabic).
As you can see from the screenshots, once opened, TideCheck offers three options: “initialize” (to start it), “show configuration” and “send message”, which allows you to send an SMS to a remote server. According to the manual, HighRise can do the following:
- Send a copy of the received SMS to a CIA-controlled server
- Send SMS from the target device
- Establish a communication channel between the operative and the LP
- Communicate over the Internet via TLS/SSL
Based on the last two features mentioned above, HighRise appears to be not only malware installed to control the target, but also an encrypted communication channel between operatives and supervisors.
If you want to know more, you can refer directly to the manual in question, which you will find by following this link.