Gifts Under $30 Gifts Under $50 iPhone Emergency SOS Saves Man MyHeritage 'Time Machine' Guardians of the Galaxy 3 Trailer White Bald Eagle Indiana Jones 5 Trailer Black Hole's 1,000 Trillion Suns
Want CNET to notify you of price drops and the latest stories?
No, thank you

CIA's hackers are allegedly fixated on Pokemon

At least eight of the CIA's exploits to spy on Android devices are named after Pokemon, according to WikiLeaks.

Totodile, a starter in Pokemon Gold and Silver, is also the name of one of the CIA's Android exploits, according to WikiLeaks.

Gotta hack 'em all.

There are several Pokemon hidden among the CIA's Android exploits and hacking techniques divulged in thousands of documents released by WikiLeaks on Tuesday. The agency's hackers allegedly used security vulnerabilities to take control of a device remotely, and could then collect information like a user's location, texts and voice communications, as well as activate the phone's camera and microphone.

CNET is unable to verify if the documents are real or unaltered. WikiLeaks has a long track record of releasing top secret government documents, and experts said the CIA's hacks appear legitimate, according to CBS News.

Now playing: Watch this: How do WikiLeaks' CIA hacking claims differ from Snowden...

Of the CIA's alleged techniques to take control of Android devices, nearly one-third of them have code names inspired by Pokemon.

The choice of code names is an amusing quirk in an otherwise serious potential breach of US spy craft. It speaks to how much of a cultural phenomenon Pokemon has been since its release in 1996. It enjoyed a renewed wave of popularity last year thanks to Pokemon Go. Now, it looks like Nintendo's critters are finding themselves in the CIA's catalog of hacks.

"Starmie" and "Spearow" are among the Pokemon-inspired code names for the CIA's hacking programs.


An exploit named "Dugtrio," after the three-headed digging Pokemon, affected devices on Android 4.0 to 4.1.2, allowing hackers to gain remote access to devices. Another vulnerability code-named Starmie, a popular sea-star Pokemon, affected Samsung tablets, the Galaxy Note and devices on Android 4.0 to 4.3.

The Spearow vulnerability gave hackers remote access to private information, according to WikiLeaks. The code names only go up to the second generation of Pokemon, with Lugia as the only legendary Pokemon to become an Android exploit.

Pokemon like Totodile, Steelix, Snubbull and Flaaffy also popped up as code names.

It's unclear how or why the CIA would pick these names, and the intelligence agency is not commenting on WikiLeaks' allegations. The bizarre monikers aren't limited to just Pokemon, however.

WikiLeaks accused the CIA of using programs with interesting names like "Weeping Angel" to hack into devices and spy on people. The "Weeping Angel" program was used to infiltrate Samsung's smart TVs to turn them into hidden microphones, with a "Fake-Off" mode. Other ridiculous code names included "Hammer Drill" and "Brutal Kangaroo."

It's Complicated: This is dating in the age of apps. Having fun yet? These stories get to the heart of the matter.

Batteries Not Included: The CNET team reminds us why tech is cool.