WikiLeaks published today notes on what it alleges are a large set of CIA hacking tools. Among the dump was a tool developed by the CIA and MI5 that attempted to turn certain Samsung smart TVs into remote listening and monitoring devices. It’s called Weeping Angel. Because of Doctor Who. The exploit only targeted certain Samsung TVs, though if this tool exists, there are likely more hacks for other smart TVs.
If implemented, Weeping Angel was able to extract browser and WPA/Wi-Fi credentials and history. It could also make the TV look off though the tool kept it in a deep standby mode, listening and waiting. According to the file uploaded by WikiLeaks, CIA and MI5 developers were interested in enabling streaming audio, video captures and exploiting Samsung’s remote support function.
The exploit noted here targeted Samsung’s F8000 series of smart TVs. This TV was released in 2013 and was Samsung’s flagship line for the year. The documents revealed by WikiLeaks show the CIA and MI5 held a joint workshop to work on this hack in June of 2014.
This is yet another example of the dangers of IoT devices. Turning off Wi-Fi might not be enough to safeguard a person’s privacy.
A study published in 2016 found that intelligence agencies have found new ways to implement surveillance, and one way is to use connected devices such as smart TVs and connected thermostats. Early last month Vizio settled charges in a case that alleged it used automated content recognition to learn what owners of Vizio TVs were watching.
The best way to avoid smart TVs from surveilling a household is to not connect it to the internet from the moment it’s taken out of the box. Of course by doing so, a person is disregarding the smart features built into the TV. Instead, an owner could use an Apple TV or Roku device for smart features — though Amazon just today showed it is willing to turn over to the courts Echo user data, so the Fire TV might not be a good bet.
As far as for existing smart TVs, switching off Wi-Fi might not be enough. Developer’s notes for the aforementioned Samsung exploit show that the CIA was exploring keeping the Wi-Fi on while the TV was in a faked-off mode. It’s logical that other exploits could even ghost the Wi-Fi switch, making it appear the user switched off the wireless networking but it’s actually still active.
Disrupt 2026: The tech ecosystem, all in one room
Your next round. Your next hire. Your next breakout opportunity. Find it at TechCrunch Disrupt 2026, where 10,000+ founders, investors, and tech leaders gather for three days of 250+ tactical sessions, powerful introductions, and market-defining innovation. Register now to save up to $400.
Save up to $300 or 30% to TechCrunch Founder Summit
1,000+ founders and investors come together at TechCrunch Founder Summit 2026 for a full day focused on growth, execution, and real-world scaling. Learn from founders and investors who have shaped the industry. Connect with peers navigating similar growth stages. Walk away with tactics you can apply immediately
Offer ends March 13.
TechCrunch is still digging into the latest WikiLeaks data dump. More as we get it here.
