
WikiLeaks: Apple Mac, iPhone firmware hacked by CIA

The CIA reportedly infected Apple Mac firmware with spying software, as well as iPhones, and more
By: Anthony Garreffa | Privacy & Rights News | Posted: Mar 24, 2017 2:48 am

So, it looks like most of Apple's products are bugged by the CIA - if the latest claims from WikiLeaks are to be believed. The new "Dark Matter" release from "Vault 7" has documentation for "several CIA projects that infect Apple Mac firmware (meaning the infection persists even if the operating system is re-installed) developed by the CIA's Embedded Development Branch (EDB). These documents explain the techniques used by CIA to gain 'persistence' on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware".

 


WikiLeaks has exposed the interestingly named "Sonic Screwdriver" project, something that the CIA calls a "mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting". This hack allows its attacker, in this case the CIA, to deploy its attack software from a USB flash drive - and scarily "even when a firmware password is enabled".

 

The CIA's "Sonic Screwdriver" infector is reportedly stored on the modified firmware of an Apple Thunderbolt-to-Ethernet adapter, says WikiLeaks.

 

WikiLeaks' report continues, with "DarkSeaSkies" also detailed as "an implant that persists in the EFI firmware of an Apple MacBook Air computer" and consists of "DarkMatter", "SeaPea" and "NightSkies", respectively EFI, kernel-space and user-space implants.

 

The full report is available on WikiLeaks' website, with the final paragraph stating: "While CIA assets are sometimes used to physically infect systems in the custody of a target it is likely that many CIA physical access attacks have infected the targeted organization's supply chain including by interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise".

NEWS SOURCES: Wikileaks.org, Wikileaks.org
