On Thursday, WikiLeaks unveiled 12 new documents that offer more details about the techniques the CIA allegedly took to hack Apple devices. And this new leak revealed intell that the CIA allegedly bugged phones straight from the factory, according to heavy.com.
This release is part of the recent Vault 7 leak, and was dubbed Dark Matter. The first Vault 7 leak came in the form of wiki pages from the CIA’s intranet and included information related to the agency’s cyber-weapons. The documents released reportedly unmask the fact that the CIA was bugging factory phones for the last nine years.
The documents had names like Sonic Screwdriver, Triton, DarkSeaSkies and NightSkies. One of the tools, Sonic Screwdriver, means those in the CIA can deploy from an Apple Thunderbolt-to-Ethernet adapter. That allows a cyber criminal to infect a device with malicious code while it’s starting up.
And DarkSeaSkies is made of smaller parts but, “is an implant that persists in the EFI firmware of an Apple MacBook Air computer, installs a Mac OSX 10.5 kernel-space implant and executes a user-space implant.”
NightSkies is known as a “beacon/loader/implant tool” for the Apple iPhone, according to heavy.com. This is the tool that was produced to be installed onto phones that hadn’t left the factory and reportedly means that the CIA has had the ability to infect fresh phones since 2008.
The tools were created to infiltrate the EFI/UEFI (Unified Extensible Firmware Interface) specification and putting malicious code in there means a cyber-criminal has the chance to execute that malicious code every time a user starts up their device. And reinstalling the operating system doesn’t remedy this issue.
The CIA was using these tactics to get to a target, but it’s been reported that this also affects the target’s organization by “interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise,” heavy.com reported.
While the CIA declined to confirm the validity of these documents, they reportedly asked a judge not to use them in a case due to their classified status, according to Motherboard.
And you just never know; so be sure to take the appropriate steps to ensure your organization is protected with the right tool. Check out the Buyer’s Guide below for an overview of he market, vendors profiles and more.