Travel secrets of undercover CIA hackers have been uncovered in the latest WikiLeaks data dump including claims the US Consulate in Frankfurt is a covert base for hackers.

The documents, which governments are working to verify, outline how undercover agents are given "black passports" for travel and a cover story to pass through security into Germany. From there they can move freely inside Europe's Schengen area and infiltrate other countries like France, Italy and Switzerland.

"Breeze through German Customs because you have your cover-for-action story down pat, and all they did was stamp your passport," one of the documents included in the cache reads.

"Check in, drop off your bags, shower (you probably need one). Do not leave anything electronic or sensitive unattended in your hotel room. (Paranoid, yes, but better safe then sorry.)


"If you arrive on a Sunday morning ... expect to find most businesses (grocery stores especially) are closed. Some restaurants may be open. Gas stations are not recommended for fine dining."

The travel instructions include advice to "buy something in Duty Free, because you're awesome and you deserve it!" It also contains a warning to watch out for cover stories of fellow agents.

"Be aware that your co-workers here are all under cover. While cover seems like an administrative thing back home, it is vital in the Field (sic).

"Help protect everyone's cover. Avoid using terms outside of the SCIF that could betray that people are not 'State Department' employees. Better to keep work discussions at work."

It's unclear whether the purported leaks are genuine however security analysts say they seem authentic. The German government is working with US authorities on verification of the cache that claims the Frankfurt Consulate is a covert base for electronic attacks that require "physical proximity".

"These attack methods are able to penetrate high security networks that are disconnected from the internet, such as police record database. In these cases, a CIA officer, agent or allied intelligence officer acting under instructions, physically infiltrates the targeted workplace," WikiLeaks said in a statement.

"The attacker is provided with a USB containing malware developed for the CIA for this purpose, which is inserted into the targeted computer."

The notes are one of several documents that provide an insight into a normally impenetrable organisation at a human level.


Another post shows the names a staff member would like to use for projects "because they are awesome" including things like Starving Weasel and Face Hugger.

"These are mostly oblique references to things I like, tvtropes names that amuse me and situations or phrases at work encoded in toolname-esque obscurity," the person writes.

Other codenames used include names from movies like Fight Club and Ricky Bobby from Talladega Nights. The project to infiltrate Samsung smart TVs was dubbed Weeping Angel while others were called Rainmaker, Cocoon and Kraken.

The massive tranche of more than 8000 documents dubbed Vault 7 is from a high security CIA network outside Virginia, WikiLeaks claims.

The organisation said the CIA has "lost control" of its hacking arsenal that includes the ability for the intelligence agency to use iPhone, Android, Windows and Samsung products against their owners for spying.

On Wednesday, tech giants Apple and Samsung vowed to fix the flaws in their systems that may endanger users' privacy.

"While our initial analysis indicates that many of the issues leaked today were already patched in the latest iOS, we will continue work to rapidly address any identified vulnerabilities," Apple said.

"We always urge customers to download the latest iOS to make sure they have the most recent security updates."