What is Vault 7?
A series of documents published by WikiLeaks in 2017 revealing the CIA's extensive cyber weapons arsenal — including tools to hack iPhones, Android phones, smart TVs, Windows, macOS, Linux, and even connected cars.
Also known as: Vault7, CIA Hacking Tools, CIA Cyber Weapons, Year Zero Leak
Vault 7 revealed that the CIA had built its own NSA-scale hacking operation — with tools to compromise virtually every consumer device on the planet.
What Was Leaked
Between March and September 2017, WikiLeaks published 8,761 documents and files from the CIA's Center for Cyber Intelligence (CCI), revealing:
Phone Hacking
- iOS exploits: Multiple zero-day vulnerabilities to compromise iPhones
- Android exploits: Tools targeting Samsung, HTC, Sony, and other Android phones
- Ability to bypass encrypted messaging apps by compromising the device itself (reading messages before encryption)
Smart TV Surveillance
- "Weeping Angel": Developed with MI5, this tool put Samsung smart TVs into a "fake off" mode while recording conversations through the TV's microphone
Computer Hacking
- Windows: Multiple exploits including those later used in WannaCry-like attacks
- macOS: EFI/firmware-level implants that survive OS reinstallation
- Linux: Tools for targeting Linux servers and desktops
Connected Cars
- The CIA explored hacking vehicle control systems. WikiLeaks speculated this could be used for assassinations (unconfirmed but technically feasible)
Networking Equipment
- Router and firewall exploits
- Tools to compromise network infrastructure
Key Revelations
The CIA Lost Control of Its Arsenal
The entire toolkit was leaked by a CIA contractor (Joshua Schulte, convicted in 2022). The CIA couldn't even protect its own cyber weapons — these tools are now available to any nation-state or criminal group.
Hoarding Vulnerabilities
Rather than reporting vulnerabilities to manufacturers so they could be patched, the CIA stockpiled zero-day exploits. This meant every American was left vulnerable to the same attacks.
"Pocket" Hacking Units
The CIA's hacking teams were small, agile units — not the massive operations of the NSA. This model has since been adopted by other agencies.
Impact
- Multiple vendors rushed to patch vulnerabilities disclosed in Vault 7
- Reignited debate over government "vulnerability hoarding"
- Demonstrated that intelligence agencies are a threat to everyone's security — not just targets
- Joshua Schulte sentenced to 40 years in prison (2024)
Related Terms
Backdoor
A hidden method of bypassing normal authentication or encryption in a computer system. Backdoors may be intentionally built in (for maintenance or surveillance) or secretly inserted by attackers. In privacy contexts, backdoors refer to deliberate weaknesses that allow authorities to access encrypted data.
NSO Group
An Israeli cyber intelligence company that developed the Pegasus spyware, which can silently compromise any iPhone or Android phone — sold to governments worldwide and used to target journalists, activists, lawyers, and heads of state.
PRISM
A classified NSA surveillance program revealed by Edward Snowden in 2013 that collects data directly from major tech companies including Google, Apple, Facebook, and Microsoft.
XKEYSCORE
An NSA surveillance system that enables analysts to search and analyze global internet data including emails, browsing activity, and social media content in near real-time.
Zero-Day Exploit
An attack that exploits a previously unknown software vulnerability, giving defenders zero days to prepare a patch before it's used in the wild.