In last decade, we have seen hundreds of heist movies where spies or bank robbers hijack surveillance cameras of secure premises to either stop recording or set up an endless loop for covert operations without leaving any evidence. This is real life scenario.
Wikileaks has just published another classified CIA project, named “Dumbo” which details how CIA agents hijack and manipulate webcams and microphones in Hollywood style.
The Dumbo CIA project involves a USB thumb drive equipped with a Windows hacking tool that can identify installed webcams and microphones, either connected locally, wired or wirelessly via Bluetooth or Wi-Fi.
Once it identifies, the Dumbo allows the CIA agents to:
- Disables all network adapters
- Mute all microphones
- Selectively corrupted or delete recordings
- Suspends any processes using a camera recording device
However, there are two conditions for a successful operation:
- The USB drive needs to remain plugged into the system throughout the operation to maintain control over connected surveillance devices.
- Dumbo program requires SYSTEM level privilege to run.
The Dumbo project has been used by the CIA’s Physical Access Group (PAG), which is a special branch within the Center for Cyber Intelligence (CCI) which is also tasked to gain and exploit physical access to target computers in CIA field operations.