What is HighRise?

We have seen some interesting revelations by the WikiLeaks team over the years. One of their latest leaks exposes CIA hacking tools. The list of tools is growing alarmingly long. In their new release, WikiLeaks talks about a tool known as HighRise, which is capable of snooping on SMS messages on the Android ecosystem.

HighRise Is a Tool One Shouldn’t Ignore

Why does the CIA need so many hacking tools in the first place? Sadly, most of these tools are not just used to expose criminals and malicious individuals, but also provide the intelligence agency with a way to spy on citizens. So far, all of their tools have been rather successful, although it is unlikely anyone will ever know the repercussions of these hacking tools.

HighRise is one of the tools the CIA has been quiet about for several years. This one specifically targets Android devices. Compared to other mobile operating systems, Android is far more popular. iOS does not even come close, and Blackberry is only used by a small minority. New entrants in the market, such as Firefox OS, Sailfish OS, and others, have yet to gain any form of noteworthy traction against Android.

The Android ecosystem lets users install applications from outside of the official Play Store. All it takes is one check box to enable or disable this feature. It makes a lot of sense for the CIA to target Android users. According to the WikiLeaks information, HighRise works on Android versions 4.0 to 4.3. That means it will only affect a small portion of all global users, yet there are still far too many phones running any of these Android OS versions.

Under the hood, HighRise can be used to redirect incoming and outgoing SMS messages to listening posts belonging to the CIA. Once the listening post has received a copy of the messages, the content itself is just sent on to the initial recipient without further issues. It is essentially an SMS proxy which “handles” incoming and outgoing text messages. In other words, HighRise is a CIA spying tool looking to snoop on your personal communication.

Victims of this tool do not get “infected” with HighRise like they would with other types of malware. Instead, the app would need to be installed manually by Android users. Even then, they still need to update all settings manually before it can become active. There is also an app-list checking component called TideCheck, which goes through all of the installed applications on the device. Last but not least, the app will only work once the ‘victim’ enters the word “inshallah” (“God willing” in Arabic) in the activation textbox.
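The conditions described above (Android 4.0 to 4.3, installs allowed from outside the Play Store, and the TideCheck name) can be turned into a simple fleet triage. This is an added example, not code from WikiLeaks or the article; the inventory records, field names and triage levels are constructed, and treating an app labelled TideCheck as a signal is an assumption based only on the name given here.

```python
import re

# Range the article attributes to WikiLeaks: Android 4.0 through 4.3.
AFFECTED_MIN, AFFECTED_MAX = (4, 0), (4, 3)
WATCHED_LABEL = "tidecheck"  # name from the article; matching on it is an assumption

def major_minor(release):
    """Return (major, minor) from a release string such as '4.3.1', or None."""
    m = re.match(r"\s*(\d+)(?:\.(\d+))?", release or "")
    if not m:
        return None
    return int(m.group(1)), int(m.group(2) or 0)

def triage(device):
    """Classify one inventory record and return (level, reasons)."""
    version = major_minor(device.get("release"))
    if version is None:
        return "unknown", ["unparseable Android version"]
    reasons = []
    in_range = AFFECTED_MIN <= version <= AFFECTED_MAX
    sideload = bool(device.get("unknown_sources"))
    labelled = WATCHED_LABEL in [a.lower() for a in device.get("apps", [])]
    if in_range:
        reasons.append("Android %d.%d is in the 4.0-4.3 range" % version)
    if sideload:
        reasons.append("installs from outside the Play Store are allowed")
    if labelled:
        reasons.append("an app labelled TideCheck is installed")
    if in_range and labelled:
        level = "investigate"   # affected OS plus the watched label
    elif in_range and sideload:
        level = "exposed"       # manual install is possible on an affected OS
    elif in_range:
        level = "upgrade"       # affected OS, sideloading currently off
    else:
        level = "ok"
    return level, reasons

# Constructed inventory records (hypothetical devices and field names).
INVENTORY = [
    {"id": "dev-01", "release": "4.3.1", "unknown_sources": True, "apps": ["Mail"]},
    {"id": "dev-02", "release": "4.1.2", "unknown_sources": False, "apps": ["TideCheck"]},
    {"id": "dev-03", "release": "4.4.2", "unknown_sources": True, "apps": ["Maps"]},
    {"id": "dev-04", "release": "5.0", "unknown_sources": False, "apps": []},
    {"id": "dev-05", "release": "4.0.4", "unknown_sources": False, "apps": ["Maps"]},
]

if __name__ == "__main__":
    for dev in INVENTORY:
        level, reasons = triage(dev)
        print(dev["id"], level, "; ".join(reasons) or "-")
```

Point releases such as 4.3.1 are treated as part of 4.3, while 4.4.x falls outside the range the article gives.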

The whole world had its eyes opened to how the CIA operates and what it is trying to achieve. While the agency continues to claim these are matters of national security, US citizens and others around the world may not believe that any longer. Intelligence agencies only act in their own best interest, which means they go to any lengths to spy on consumers if they have to. Thankfully, it appears HighRise is not much of a threat, since Android 5.0 and higher are becoming the norm for Android devices.