Following the initial release of documents, dubbed “Year Zero,” which detailed tactics the CIA leverages to breach iPhones, iPads, Windows, smart TVs and other devices, WikiLeaks today published additional “Vault 7”-series materials. Code-named “Dark Matter,” the latest batch of secret files provides insight into other CIA hacks and programs that have been internally developed and maintained for years with the goal of infecting Apple’s all-in-one iMac desktops and MacBook notebooks.
WikiLeaks explains that these exploits, developed by the CIA’s Embedded Development Branch, were specifically built to bypass password protection on Mac computers. One project, dubbed “Sonic Screwdriver”, allows an attacker to execute its infection software from a USB stick while the Mac is booting.
In one instance, “Sonic Screwdriver” was successfully stored on a modified firmware version of Apple’s Thunderbolt to Ethernet adapter. Another exploit, dubbed “DarkSeaSkies”, allows an attacker to boot its attack software on MacBook Air notebooks by storing attack code safely in the computer’s EFI firmware.
“DarkSeaSkies”, says WikiLeaks, consists of the exploits code-named “DarkMatter” (EFI), “SeaPea” (kernel) and “NightSkies” (user data). These internal programs have existed since at least 2010 and the CIA has been updating them regularly.
“Dark Matter” also contains several iOS exploits, including one dubbed “NightSkies 1.2” that has existed since at least 2008. It can apparently be installed on iPhones and iPads directly within their manufacturing facility. WikiLeaks says that the CIA has been infecting the iPhone supply chain of its targets since at least 2008.
Apple recently said that many exploits revealed in the original WikiLeaks dump are already patched in the latest version of iOS. The company is working around the clock to address any remaining exploits.