Documenting Venezuela's surveillance infrastructure through their own open APIs.
The regime built a vault. They forgot to lock it.
Crystal Vault documents Venezuela's centralized surveillance database announced in December 2024. The system, built by Chinese company ZTE, merges citizen identity records, banking data, and social program participation for over 30 million Venezuelans.
The regime exposed their infrastructure through unsecured WordPress REST APIs. Approximately 27.7 GB of data was retrieved without authentication, including government office locations, staff GPS coordinates, and operational statistics.
| Metric | Count |
|---|---|
| Total Repository Size | 30.6 GB |
| Total Data Exfiltrated | 27.7 GB |
| Media Files | 72,883 |
| Images with EXIF Metadata | 13,209 |
| Staff Phone GPS Locations | 345 |
| OFAC Sanctioned Individuals | 470 |
| Cracked Gravatar Emails | 35 |
| CNE Intranet Routes Exposed | 154 |
| Personnel Records | 1,550 |
- Overview with key statistics
- Interactive map with 479 locations (134 SAIME offices + 345 GPS coordinates)
- Media gallery with 72,883 files across government agencies
- EXIF metadata analysis
- GPS Intel tab with phone model and datetime extraction
- Cracked Gravatar hashes (35 emails recovered)
- OFAC sanctions cross-reference
- Personnel database
- Iranian/Hezbollah presence in Venezuela
- Network analysis and connections
- Margarita Island specific intelligence
- Tourism and government overlap analysis
- Chronological events and data points
- Detailed GPS coordinate analysis
- Phone metadata extraction
- Venezuelan government terminology
- Agency abbreviations and explanations
| Agency | Description | Files |
|---|---|---|
| SAIME | Immigration & ID Services | 134 office locations |
| INCES | Worker Training Institute | Media files |
| AVN | State News Agency | Media files |
| SAREN | Notary Registry | Media files |
| VTV | State Television | Media files |
| CANTV | State Telecom | Media files |
| Sistema Patria | Social Control System | App ecosystem data |
crystal-vault/
├── index.html # Main dashboard
├── gps_section.html # GPS analysis
├── hezbollah_intel.html # Hezbollah intelligence
├── margarita_intel.html # Margarita Island intel
├── timeline.html # Event timeline
├── glossary.html # Terminology guide
├── OFAC_Sanctions/ # US Treasury sanctions data
├── OpenData/ # Government open data
├── assets/ # CSS, JS, images
├── docs/ # Documentation
└── exfil/ # Exfiltrated data samples
- WordPress REST API:
/wp-json/wp/v2/users - Media endpoints:
/wp-json/wp/v2/media - Geographic data:
/wp-json/various routes - CNE Intranet: 154 exposed internal routes
- 13,209 images processed for metadata
- 345 contained GPS coordinates from staff phones
- Phone models identified: Samsung, iPhone, Huawei, Xiaomi
- Timestamps extracted for operational patterns
- 35 email addresses recovered from MD5/SHA256 hashes
- Cross-referenced with WordPress user enumeration
- Key accounts: government webmasters, officials
This research serves:
- Journalists investigating Venezuelan government operations
- Researchers studying authoritarian surveillance systems
- The 7+ million Venezuelan refugees whose personal data remains in government databases
- Human rights organizations documenting abuses
All data comes from publicly accessible APIs and US government records (OFAC).
This repository documents publicly exposed government infrastructure for research and journalism purposes. No systems were compromised - all data was accessible without authentication through misconfigured public APIs.
MIT License - See LICENSE file for details.