WikiLeaks Exposes How CIA is Hacking iPhones and MacBooks

WikiLeaks CIA Hacks Apple

Wikileaks Exposes CIA’s Cybernetic Prowess

Two weeks ago Wikileaks published a chunk of highly confidential documents involving the US Central Intelligence Agency’s (CIA) cybernetic hacking capabilities. Primary investigations and press reports claim that the leak displays the CIA’s entire cybernetic ability to hack smartphones and popular social media messaging apps.

Nicknamed Vault 7, this trove of top-secret documents began to be released publicly on March 07, 2017. The first set of documents, called ‘Zero Day’ which consists of 7,818 web pages with 943 attachments reportedly from the Centre of Cyber Intelligence. The “zero-day” refers to a hole in the software that is unknown to the vendor and is exploited by hackers before it comes to the attention of the vendor and he tries to fix it. This is termed as ‘zero-day’ attack or the ‘zero day’ vulnerability.

The Vault 7

The ‘zero day’ archive of Vault 7 delved with the attack vectors which were developed by the Embedded Development Branch (EDB) of the CIA that can infect an Apple firmware despite re-installing the operating system of MacOS or iOS and also that of the Android OS.

The follow-up to the March 7th, 2017 leak another was made on the 21st. This set calling itself ‘Dark Matter’.  The ‘Dark Matter’ revealed the methods that the CIA was using in order to gain access to all of the devices produced by Apple. The electronic tools mentioned in the report can compromise both Apple‘s iOS and Google’s Android operating systems.

The leak showcased that the CIA had Apple on its target since 2008. The “Dark Matter” archive included documents from 2009 and 2013. On the release of the ‘Zero Day’ documents Apple claimed, “many of the issues leaked today were already patched in the latest iOS,” and that they “will continue work to rapidly address any identified vulnerabilities.”

Following the release of ‘Dark Matter, another statement was released by Apple claiming the vulnerabilities of the iPhone that affected the iPhone 3G were patched in the iPhone 3GS and that Mac OS was fixed on all the computers produced by apple from and after 2013.

In the first part of ‘Vault 7’, in the iOS documents: the security details are codenamed such as the Elderpiggy, Juggernaut, and Winterspy. Under those details are provided things like the technique or method employed to exploit a vulnerability (e.g. API); the modification date; the version of the flawed operating systems; the description of the measure; and origin or where it was made (GCHQ, the NSA, etc.)

For Android, the details provide the name (the delivered name and the proof-of-concept name), affected devices, the contract or partner through which it was bought, the kind of access provides (remote access, access to private documents of the user).

The Dark Matter

The ‘Dark Matter’ set of documents made a revelation about a hacking strategy called the ‘Sonic Screwdriver’ which were dated November 2012. The documents explain the Sonic Screwdriver as a hacking tool which is a mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting that means that the attacker can cast the malware into a Mac device through flash drives or other such pluggable options.

WikiLeaks reveals how the Sonic Screwdriver is put into the firmware of the Thunderbolt-to-Ethernet adapter. Once the adapter is plugged into a Mac computer, the code that is embedded into the firmware will scan the memory storage for a file called ‘Filter’. Then when it finds its target, it will launch the ‘Sonic Screwdriver’ code and provide the CIA with the ability to remotely control the machine. This strategy will be used not only to access to whatever there is on the computer but also to keep track of the people and places the user is communicating with.

Besides iPhones and Mac computers, CIA also targeted Samsungs F800 range of Smart TVs. The exploit used to hack into smart TVs, called the ‘Weeping Angel’ could turn the TV into a secret speaker for listening conversation when the TV is switched off but is actually in a ‘fake off’ mode. The documents also state a work in progress to further boost its capabilities to the extent of recording videos and accessing the Wifi.

Besides Electronic giants, several messaging services using end-to-end encryption, like – WhatsApp, Weibo, Telegram, Signal, etc., were also jeopardized.

While the tech giants Samsung and Apple have embarked on their struggle to enhance the security of their products the big question remains, How much of these documents are real?

While obviously the CIA has neither refused nor assented to the authenticity of the documents, which is quite a popular approach taken by several law and security agencies, infamous whistleblower, Edward Snowden, tweeted that office names like JQJ (IOC crypt series) are real and something that is only knowledgeable to the insider.