So, it looks like most of Apple's products are bugged by the CIA - if the latest claims from WikiLeaks are to be believed. The new "Dark Matter" release from "Vault 7" has documentation for "several CIA projects that infect Apple Mac firmware (meaning the infection persists even if the operating system is re-installed) developed by the CIA's Embedded Development Branch (EDB). These documents explain the techniques used by CIA to gain 'persistence' on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware".
WikiLeaks has exposed the interestingly named "Sonic Screwdriver" project, something that CIA calls a "mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting". This hack provides its attacker, so in this case the CIA, to deploy its attack software from a USB flash drive - and scarily "even when a firmware password is enabled".
The CIA's "Sonic Screwdriver" infector is reportedly stored on the modified firmware of an Apple Thunderbolt-to-Ethernet adapter, says WIkiLeaks.
WikiLeaks' report continues, with "DarkSeaSkies" also detailed as "an implant that persists in the EFI firmware of an Apple MacBook Air computer" and consists of "DarkMatter", "SeaPea" and "NightSkies", respectively EFI, kernel-space and user-space implants".
The full report is available on WikiLeaks' website, with the final paragraph stating: "While CIA assets are sometimes used to physically infect systems in the custody of a target it is likely that many CIA physical access attacks have infected the targeted organization's supply chain including by interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise".
- > NEXT STORY: Star Wars Battlefront, Need for Speed sequels teased
- < PREVIOUS STORY: Madcatz delisted from New York Stock Exchange