HighRise – Intercepting and Redirecting Your Text Messages
The CIA’s dirty laundry, dirtier than we thought
In Thursday’s WikiLeaks dump it was revealed that the U.S. Central Intelligence Agency has yet another creeper-peeper tool, this one a little bit more on the disturbing side of things.
They are utilizing a rather nasty piece of malware codenamed “HighRise” aimed specifically at Android devices that can intercept and redirect your text messages.
In all reality this is not shocking, it is exactly what one would expect an intelligence agency to have and to use.
HighRise acts as a proxy server for text messages, and it was designed with one major flaw, HighRise must be manually installed onto a device, meaning that an agent would have to come into direct contact with the device in order to install HighRise.
So after getting to the point of handling a device, once installed, an application named TideCheck shows up in the list of apps on the device. TideCheck just so happens to house HighRise. The agent has to then open the app to start the program, then run a special code by entering the word “inshallah,” you’ll love what that means: “God willing” in Arabic. The code word is typed into a textbox that is disguised to look like it’s asking for an activation code for the app. Once the code is entered, the agent will have access the app’s settings.
After all of those hurdles the agent must go through, the initial installation kicks in and HighRise runs in the background to perform its task. The application starts automatically every time the phone is powered on, so it could continue to intercept texts for more than a single cycle.
What is not clear is if the CIA is even still using the malware or if it’s been updated to work with newer android devices.
Again, not a shocking little piece of malware the CIA developed although what shocked me the most was how user unfriendly it is for any agent tasked with deploying it originally and I say originally because again, we have no idea whether or not the US Central Intelligence Agency has improved the product.
I would assume that they have, meaning it no longer would have to be manually installed on a device.
Not to worry however because, if the CIA didn’t improve it, someone else will or already has.
Think about that one next time you are texting your beloved images of your naughty bits.
Cristal M Clark