WikiLeaks has just released a set of documents named “Dark Matter,” which contain information proving that the Central Intelligence Agency has developed tools to infect Apple products, like MacBooks and iPhones. The tools date from 2009 to 2013 and are not likely to affect newer technology developed by Apple. The documents haven’t been identified as legitimate or altered yet.
WikiLeaks released a press statement saying that it was likely that the tools were used by the CIA to infect Apple products by interdicting mail orders and other shipments leaving the United States. The CIA has declined to comment on the authenticity of the documents, reissuing a statement it released earlier in March, when WikiLeaks published documents that showed the CIA’s hacking tools for breaking into phones, cars, computers and Samsung Smart TVs.
CIA hacking tools infected iPhones and MacBook Airs
The CIA has said that its actions have been carried out to protect the country from foreign threats. The tools affect Apple’s firmware, which means they affect the operating system even if it is reinstalled. One of the projects, called “Sonic Screwdriver,” consists of a device that would allow an attacker to boot their attack software even if a firmware password is enabled. The “Sonic Screwdriver” infector is stored in an Apple Thunderbolt-to-Ethernet adapter.
The CIA has also developed another tool to infect MacBooks through a Thunderbolt port, called “Thunderstrike 2.” Other tools include “DarkSeaSkies,” an implant that persists in the firmware of a MacBook Air computer; a MacOSX malware dubbed “Triton”; and “NightSkies 1.2,” an implant tool for iPhones. WikiLeaks noted that “NightSkies” was designed as early as 2008.
“Noteworthy is that NightSkies had reached 1.2 by 2008, and is expressly designed to be physically installed onto factory fresh iPhones,” said WikiLeaks. “The CIA has been infecting the iPhone supply chain of its targets since at least 2008.”
WikiLeaks also recently posted documents called “Vault 7,” which link the CIA with the development of hacking tools that could affect devices and software such as Android phones, Windows computers, and Linux computers.
The hacking tools affecting a device would make it possible to access data and messages shared through the device in WhatsApp, Signal or Telegram. Other hacking tools were able to turn a Samsung Smart TV into a listening device, although simply unplugging the TV would have defeated the hack.
WikiLeaks has a long history of leaking top secret government-related documents, and CBS News reported that the “Vault 7” documents were being reviewed by experts who believed the documents were legitimate.
Paul Rosenzweig, former deputy assistant secretary for policy at the Department of Homeland Security and founder of cybersecurity company Redbranch Consulting, was reached for comment by CNET earlier this month. Rosenzweig said that if the tools are in fact being used, they would have great value for the CIA. Unfortunately, he believes that if the CIA has been able to find the holes in the electronic devices to hack them, those vulnerabilities could also be known by the Chinese or the Russians.
The “Vault 7” documents were leaked after a year-long debate among government officials trying to access electronic devices. The debate started after the U.S. Department of Justice asked Apple to open an encrypted iPhone belonging to one of the San Bernardino shooters. Apple refused the request, and the FBI said that it had found another way to access the iPhone.
The CIA ‘negligence’
Government agencies are fighting to obtain access to encrypted information in devices linked to crimes. As the companies that own the devices’ technology refuse to comply with the orders (as their customers’ privacy is protected under the First Amendment), the agencies could be developing or buying hacking tools to access the data.
Experts believe that the new leaks will further strain the relationship between the U.S. government and electronic device companies because people are starting to distrust their devices, which is bad for the companies.
WikiLeaks has criticized the CIA’s negligence in safeguarding the documents that were leaked. In a press release issued on March 7, WikiLeaks detailed the CIA’s negligence, which allowed WikiLeaks to get hold of the documents.
“Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized ‘zero day’ exploits, malware remote control systems and associated documentation,” said WikiLeaks. “The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.”