It hides behind the guise of a software update.
Apparently, nobody's exempt from the CIA's intelligence gathering, not even its own intelligence partners. According to a set of documents published by WikiLeaks, the CIA uses a tool called "ExpressLane" that hides behind a fake software update to collect information from agencies around the world that use its biometric collection system. In the US, the list includes fellow government agencies like the FBI, the NSA and Homeland Security. These partners are supposed to share data with the CIA, but clearly, the intelligence service wants to make sure they're not keeping anything from the agency.
Based on the info written in the documents, the CIA pre-installed ExpressLane in the systems of newer partners. For older ones, it gets installed by an agent personally visiting a partner site under the guise of installing a software update. ExpressLane disguises itself as a harmless exe file in Windows' System 32 folder, but it actually collects files of interest. When an agent inserts a thumb drive to run the fake software update, ExpressLane automatically uploads the compressed and encrypted files it gathered.
That thumb drive will also install a "kill date" that disrupts the system by a certain date, forcing the partner to call the CIA for service. This tactic guarantees agents can collect data even if a partner refuses the shady software update. It's unclear what the CIA plans to do with all that biometric data -- it could be using them for a secret operation, but it could also be collecting them for no particular reason. Either way, the more info it gathers, the more powerful it becomes, so it's not really surprising for the agency to ensure that nobody can keep secrets from it. Via: The Verge Source: WikiLeaks