WikiLeaks yesterday published a new batch of internal CIA documents which highlighted some of the hacks and programs that the spy organization has been developing internally for years. Those tools were specifically designed to infest Apple’s all-in-one iMac desktop and MacBook notebooks if an agent was able to gain physical access to the device.

One of the methods involved utilized patched Thunderbolt EFI exploit. Apple told TechCrunch that the documents detail old exploits fixed years ago.

Here’s Apple’s statement:

We have preliminarily assessed the Wikileaks disclosures from this morning. Based on our initial analysis, the alleged iPhone vulnerability affected iPhone 3G only and was fixed in 2009 when iPhone 3GS was released. Additionally, our preliminary assessment shows the alleged Mac vulnerabilities were previously fixed in all Macs launched after 2013.

We have not negotiated with Wikileaks for any information. We have given them instructions to submit any information they wish through our normal process under our standard terms. Thus far, we have not received any information from them that isn’t in the public domain. We are tireless defenders of our users’ security and privacy, but we do not condone theft or coordinate with those that threaten to harm our users.

To protect your gadgets from remote intrusion, be sure your devices are running the latest version of the operating system. Apple is quick to patch known and unknown vulnerabilities in its software so that’s the least you can do in order to stay safe.

On your iOS devices, use a six-digit passcode (even better, use an alphanumeric password) that’s harder to crack.

Enable Two-Factor Authentication as an additional layer of security for your Apple ID and iCloud accounts. In macOS, enable Apple’s FileVault disk encryption and set up a firmware password which prevents those with physical access to the computer to boot your Mac in Recovery Mode in order to reset your macOS password.

Last week, WikiLeaks documented the CIA’s “Year Zero” tools that the spy organization has been allegedly using to breach iPhones, iPads, Windows, smart TVs and other devices. Soon after, Apple said that many of the exploits revealed in that leak have already been patched in the latest version of iOS.

The company is working around the clock to address any remaining exploits.

Source: TechCrunch

  • Jay

    Yep, fixed years ago and now they have new methods…

  • Newgunnerr

    I’m sorry but this is a lie from Apple. The vulnerabilities exist in the EFI chip. It’s hardware that needs to be changed. The CIA amonst other government intelligence agencies have government contracts with tech companies like Apple to leave open hardware solutions to exploit factory fresh iphones and mac hardware. They get reopened, exploited and then repacked and send to the supplier.

    This is damage control by Apple, EFI cannot be patched. Sort of like a boot rom exploit.

    So yes. Every single iphone and mac computer is compromised. They use these hardware exploits so that even after reinstalling the OS or restoring your iphone the spyware is persistent.

    • Rowan09

      Where did you get this information because no one on the web is backing your claim?

      • Newgunnerr

        Uhm maybe actually look at the release itself ? And yes there are plenty of people coming out saying you can’t fix these hardware exploits. Including wikileaks themselves.

      • Toukale

        Apple is right the way they worded it. They said those were fix in future hardware releases since. Now, if you have one of those old devices with those compromised chips before the hardware fix then yes that vulnerabilities are still there.

      • Newgunnerr

        No, its present in ALL hardware. EFI is still vulnerable.

      • Rowan09

        The EFI exploit can only be done if you have the physical device (from what I’ve read online). Plus the hacks detailed in the documents (so far according to Apples response and other research I’ve done on the web) where patched, so I’m not sure where you got your information and made it seem as if Apple told a lie.

      • Bugs Bunnay

        I can’t say that this person is wrong. I remember hearing this somewhere a couple days ago, but without proof it’ll be hard to convince otherwise.

  • Luke

    Wikileaks may have finally opened up peoples eyes to what is really
    going on in our world. Everybody thinking our government is out for us
    and they us terrorism as there excuse to spy on us. It’s all garbage
    its all about control. The NSA, FBI and the CIA are all the same. Wake
    up people save our country now or its over. Also a safe search engine
    that doesn’t track you, a good old fashion private search engine
    Lookseek om Have a great day.

    • Rowan09

      Ever since 9-11 people are willing to give up their rights in the false hope of security.

    • David Gow

      That’s what I think happened with trump. Just got caught up in the net

    • Bugs Bunnay

      well they’re still doing a pretty damn good job at keeping the conditioned stay conditioned. see how they got the other half of our nation to vote for a witch they knew nothing about, except that she’s a woman? slowly, but surely, this god awful swamp will be drained.

  • Bugs Bunnay

    I believe you’re right. this stuff is cooked into the hardware side of things. not a simple ios update patch is gonna fix it, but just like the 90% of us in this world – ain’t no one gonna read it.

  • Rowan09

    If you’re trying to argue if all EFI hacks are patched I would highly doubt anyone would make that claim. Regardless most if not all EFI patches are not remote from what we know. Everything can be hacked.

  • Dragonflynda

    I know for a fact Apple was aware of at least one of the CIA situations and that they should have corrected it like they said. I found the back door involving the CIA a couple of years ago and reported it to Apple. They took my computer and gave me a new one to replace it. The intelligence community can do what they want. I said the entire FBI issue over Apple products and not being able to crack them was a joke.