WikiLeaks reveals CIA tool for SMS spying

The latest addition to WikiLeaks' Vault 7 cache of leaked CIA documents details an app that can be used to intercept SMS messages on Android devices. The HighRise tool can grab messages before sending them on to a CIA-controlled server.

The app itself goes by the name of TideCheck and it serves as an SMS proxy to allow for the interception of messages on a target's phone. The app itself is password protected (with the word "inshallah") to prevent unwanted tinkering. It also seems to serve a dual purpose, acting as a secure communication channel for CIA operatives.

Unlike many of the other CIA tools revealed as part of the Vault 7 leaks, HighRise/TideCheck cannot be installed remotely, and requires physical access to a phone to get it installed and running. The leaked documentation shows that the app only works on Android 4.0 to 4.3, but as the file dates back to late 2013, it's likely that the app was updated for future versions of Google's mobile operating system.

Writing about the SMS tool, WikiLeaks says:

Today WikiLeaks publishes documents from the Highrise project of the CIA. HighRise is an Android application designed for mobile devices running Android 4.0 to 4.3. It provides a redirector function for SMS messaging that could be used by a number of IOC tools that use SMS messages for communication between implants and listening posts. HighRise acts as a SMS proxy that provides greater separation between devices in the field ("targets") and the listening post (LP) by proxying "incoming" and "outgoing" SMS messages to an internet LP. Highrise provides a communications channel between the HighRise field operator and the LP with a TLS/SSL secured internet communication.

The documentation for HighRise can be found on the WikiLeaks website.

Image credit: Pakpoom Phummee / Shutterstock