WikiLeaks Exposes CIA Tools Targeting MacBooks And iPhones: Here's What They Do
Earlier this month, WikiLeaks published what it claimed to be thousands of documents that exposed tools used by the Central Intelligence Agency for hacking a variety of electronic devices.
However, Vault 7, the name given to the collection, is just the first part of what WikiLeaks said is a series of files. It has now released the second part of the series, named Dark Matter.
WikiLeaks Uploads Dark Matter
WikiLeaks described the documents included in the Dark Matter release as containing several CIA projects that could infect Apple devices such as Mac computers and iPhones.
The tools, said to have been developed by the Embedded Development Branch of the CIA, utilized techniques that allowed the agency to gain "persistence" on the Apple devices, with the infection remaining even after the re-installation of the operating system on Mac computers and iPhones.
Exposed CIA Tools For Macs, iPhones
One of the revealed tools developed by the CIA is named the Sonic Screwdriver, which utilizes a peripheral device to infect Mac computers. The CIA installed the malware inside Thunderbolt-to-Ethernet adaptors, and once the dongle is plugged into a Mac, the code would run automatically to infect the computer. The adaptor remains infected afterward, which means that multiple Mac computers could be attacked by one instance of the Sonic Screwdriver.
The Sonic Screwdriver resembles Thunderstrike 2, a piece of malware revealed at Black Hat in 2015. However, that was three years after the publication of the CIA document on the Sonic Screwdriver. Apple has since fixed the exploit that both the Sonic Screwdriver and Thunderstrike 2 take advantage of.
The Dark Matter release also exposed Triton and Der Starke, two powerful pieces of malware. Triton, which can be installed from anywhere, can allow the CIA to acquire files and folders from Mac computers. Der Starke does much the same thing, but it remains as silent as possible. It could not be found on hard drives because it infects the firmware of Mac computers, and when used with the Sonic Screwdriver, it can do real damage to the CIA's targets.
The documents also revealed a version of the NightSkies malware that targeted iOS 2.1 on the iPhone 3G. The tool allowed the CIA to access data on the iPhone, including the contents of the address book, text messages, and call logs. The CIA could also use the tool to remotely execute commands on an infected iPhone.
Are Apple Device Users In Danger?
Most of the exploits that are being utilized for the tools described in the Dark Matter documents are old, and it is unlikely that they will still work on the current generation of Mac computers and iPhones. Apple has even released a statement that all the alleged vulnerabilities have been fixed. As such, owners of Apple devices, as long as they keep their operating systems updated and avoid downloading suspicious apps and files, should expect to remain safe.
What Dark Matter reveals, however, is the fact that the CIA has been hard at work in developing tools that target consumer devices. With the agency's actions, WikiLeaks has called upon major tech companies, including Apple, Google, and Samsung, to join the effort to put a stop to the unethical activities of the CIA.