WikiLeaks Exposes CIA’s HighRise SMS Spying Tool In Latest Vault 7 Dump
Based on the manual's description, HighRise acts as a proxy server for text messages on compatible Android devices. It then takes those messages and flings them to Internet "listening posts" where an agent can intercept and read them. The app is also password protected to prevent unauthorized users from making any unwanted changes to its settings or behavior.
One thing that is interesting about this particular malware is that it cannot be installed remotely, unlike some of the other tools the CIA is known to have used. HighRise must be installed physically and then manually run once before it will automatically run in the background or after a reboot. As a consequence of this, HighRise also shows up in the list of installed apps so it can be started by the HighRise operator, according to the user guide.
These features suggest that this particular version probably was not used for spying on a target, at least not directly, and instead was used as a secure line of communication with CIA agents in the field, perhaps as a backup. Previous versions of the app did not have these attributes.
It is not known whether the CIA continues to use this tool, albeit an updated version that supports newer versions of Android (and perhaps iOS as well).