Wikileaks, the activist group best known for releasing sensitive government information, released more documents from its “Vault 7” leak. Vault 7 mostly consists of possible evidence of hacking into consumer devices by the United States Central Intelligence Agency (CIA). According to Wikileaks, the CIA has been using multiple tools to obtain unsolicited data on United States citizens for years without public knowledge. Released yesterday, the “Dark Matter” set of documents claims to show that the CIA developed software to specifically hack into Apple devices.
The documents claim that, by using exploits in Mac and iPhone firmware, the CIA was able to covertly penetrate devices without the user’s knowledge. One project, dubbed “Sonic Screwdriver,” is described as a “mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting.” The software is able to run “even when a firmware password is enabled.” If true, this essentially means that the CIA was able to install malware on devices by using an external device, namely an Apple Thunderbolt-to-Ethernet adapter. Once the device is inserted into the computer, the malware would install itself into the device firmware, avoiding detection and embedding itself deep into the system. Software installed in a computer or phone’s firmware is incredibly difficult to uninstall or detect and is granted permission to access any information or perform any function on the computer. Malware installed in the firmware can be used to secretly send information remotely or even seize total control of an infected device.
Another claim the documents make is that a tool called “NightSkies 1.2” has been in use since 2008 to infect iPhones. Described as a “beacon/loader/implant tool,” the software is “expressly designed to be physically installed onto factory fresh iPhones.” This means the CIA may have installed the malware on iPhones prior to them being shipped from the factory.
Wikileaks notes that these tools and others are often used to track targets of interest. However, it is likely that the malware may have made its way onto average consumer devices without the buyer’s knowledge. These are very bold claims that have yet to be confirmed, but based on Wikileaks’ record, there’s a chance the phone in your pocket has something unwanted running under the hood.
More information about the release and all documents can be found on Wikileaks’ site.