The US Embassy Shopping List, a collection of over 16,000 procurement requests filed by US embassies around the globe, was published by WikiLeaks on Friday, a day after a targeted DDoS attack briefly disabled all of its Twitter accounts.
Although the trove of quotation requests are more of an open secret, since they are considered public information, WikiLeaks created a searchable database listing even those procurement documents that are no longer linked on the embassies' websites.
While the bulk of the documents appear to be routine requests for janitor or carpenter services, or, in the case with the US embassy in Moscow, to plant summer flowers at the ambassador's residence, some hint at the existence of secretive surveillance operations.
For instance, in August, the US embassy in El Salvador requested a curious list of items to be procured by a responsible vendor, tellingly described as "tactical spy equipment." The list includes 94 spying devices, masquerading as everyday objects, including nine pens, 11 lighters, 11 shirt buttons, 12 watches and 12 pairs of glasses, as well as more conventional tools such as hidden cameras and binoculars.
In El Salvador and Colombia, the US embassy was shopping for spy cameras disguised as ties, caps, shirt buttons, watches, USB drives, lighters, and penshttps://t.co/fzcwoZskYVhttps://t.co/adxkW7R70S— WikiLeaks (@wikileaks) December 21, 2018
What is the nearest US embassy up to? Look for clues:https://t.co/ecyLrZrJQD pic.twitter.com/BliRzrdMSn
The US embassy in Colombia lists spy hats, spy glasses and spy cameras, night visors and binoculars in its procurement request from May 8, 2017.
American spies seem to be especially active (or careless) in Latin America. Another document revealed that the embassy in Panama sought licenses for Universal Extraction Devices (UFEDs) developed by an Israeli company specializing in digital intelligence.
The release also highlights a central role in the US operations in Europe played by its consulate general in Frankfurt, notorious for being exposed as an alleged CIA hacking hub. Last year, WikiLeaks claimed that the consulate serves as a covert base for US hacking operations across Europe, the Middle East and Africa in its "Vault 7" leak.
The procurement documents appear to align with those suspicions. One of the requests sheds light on the existence of a US data center in Frankfurt, with the document justifying the purchase for software citing its expansion.
Germany's Der Spiegel, which was quick to comb through the files pertaining to the consulate, reported that the facility, with its mammoth 900 staff, serves as a buyer for other US missions in Europe, ordering surveillance cameras for the US embassy in Pristina, Kosovo, and password-cracking and cell phone analyzer devices for the one in Armenia.
Der Spiegel: "Hard Working US Diplomats in Frankfurt". WikiLeaks release shows central role of Frankfurt consulate. Shopping list includes devices to crack mobile phones in Armenia and analyse data.— WikiLeaks (@wikileaks) December 21, 2018
Search the shopping lists of an US embassy near you: https://t.co/NYqyCmg1kZ pic.twitter.com/JDfxd51zWC
The Frankfurt consulate staff also requested a forensic tool "necessary for extraction of existing and deleted communication data" and other cell phone data for the embassy in Podgrica, Montenegro in 2016.
The US embassy in Ukraine has stocked up on surveillance devices, requesting 15 covert radios and 20 voice recorders, among other items.
Meanwhile, the US consulate in Guayaquil, Ecuador, decided to start small, by spying on the fish in its own pond: it wanted to hire someone to count the fish and clean the pond.
The US consulate in Guayaquil, Ecuador lost track of the number of fish in its fishpond and needed to hire someone to count the fish and clean the pond.https://t.co/kTuaEIKzxq pic.twitter.com/euTtn2HpYW— WikiLeaks (@wikileaks) December 21, 2018
The release comes just a day after WikiLeaks staff were logged out of their accounts, unable to tweet or reply to messages for more than 24 hours. A massive DDoS attack has been identified as the apparent cause.
Our IP Address: