WikiLeaks Vault 7 Dark Matter: CIA Hacking Tools For Macs, iPhones Revealed
WikiLeaks released the latest cache of documents in its “Vault 7” series Thursday, publishing the details of a number of U.S. Central Intelligence Agency (CIA) hacking programs designed to target Macs and iPhones.
The CIA hacks highlighted in the latest information dump, dubbed Dark Matter by WikiLeaks, include programs developed by the CIA's Embedded Development Branch (EDB) to infect the firmware—software that performs basic functions and is embedded into a piece of hardware—of Apple computers.
The primary revelation of Dark Matter is the Sonic Screwdriver project. Named after a device from the Dr. Who universe, the Sonic Screwdriver is described in CIA documents as a "mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting."
The tool overrides one of Apple’s firmware protections that prevents any changes to the boot path of the device. Sonic Screwdriver, the code of which is stored in the firmware of a modified Apple Thunderbolt-to-Ethernet adapter, overrides that protection and allows the CIA to boot its programs from a USB drive, DVD or external hard drive.
Also revealed in the documents are a number of malware-like tools for infecting Macs, including the particularly resistant DarkSeaSkies. An implanted program designed for MacBook Air computers that provides the CIA with command and control capabilities, the tool nests itself in the computer’s firmware and can survive a full wipe of the operating system.
While Macs are the primary focus of the Dark Matter cache, WikiLeaks also revealed a CIA tool for infecting iPhones. Known as NightSkies, the tool is able to collect information from the handset including contacts, text messages, call log information and web browsing history.
The NightSkies documentation published by WikiLeaks, which is dated July 7, 2008, describes how to install the tool on “factory fresh” devices. WikiLeaks interpreted that to mean the CIA infects devices within Apple’s supply chain before they ever are received by a user.
The documents are the latest in a trove of files stolen from the CIA that have been published by the anti-secrecy organization.
Earlier this month, the group published its first batch of files from its Vault 7 series that focused on the CIA’s ability to hack mobile devices and internet-enabled televisions. WikiLeaks founder Julian Assange promised to provide tech companies with additional documentation from the leaks to protect against exploits; however, most companies claimed the vulnerabilities were patched well in advance of the leaks and questioned Assange’s motives.
Apple has yet to respond to the latest documents from WikiLeaks.
© Copyright IBTimes 2024. All rights reserved.