The latest information dump from Wikileaks’ Vault 7 haul has shed light on how the CIA was able to exploit Apple’s Mac computers and iPhone smartphones.
The new ‘Dark Matter’ leak gives detail on how the US intelligence agency was able to gain access to the widely used gadgets.
First up is the Sonic Screwdriver – named after the Doctor Who gadget that can unlock anything. This 2012 hack saw the CIA install malware on a peripheral like a Thunderbolt-to-Ethernet adapter.
When the Mac was powered on, the Agency was able to execute its code and install tracking firmware on the computer.
If targeted users plugged the dongle into multiple Macs, they would have multiple infected Macs. Thankfully, Apple fixed the flaw in 2015, but that doesn’t make us feel any less uneasy about the number of dongles MacBooks require us to use these days.
Moving on, DarkSeaSkies v1.0 – a collection of three different pieces of malware – was designed for the original MacBook Air and enabled data to be uploaded from the computer without the user’s knowledge.
Today’s release also features a manual for the CIA’s “Nightskies 1.2” tool, which allowed it to infect ‘factory fresh’ iPhones.
According to the Vault 7 documents, this “beacon/loader/implant tool” has been in existence since 2008, although it’s unlikely to still be in use today.
In a post announcing the new info dump, Wikileaks wrote: “Today, March 23rd 2017, WikiLeaks releases Vault 7 “Dark Matter”, which contains documentation for several CIA projects that infect Apple Mac firmware (meaning the infection persists even if the operating system is re-installed) developed by the CIA’s Embedded Development Branch (EDB).
“These documents explain the techniques used by CIA to gain ‘persistence’ on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware.”
Apple is yet to comment on the release of the documents.