New WikiLeaks CIA Data Dump Details Hacking Methods For Mac, iPhones

By on
Wikileaks CIA Hack
PHOTOGRAPH: Matthew Pearce/Flickr |

Continuing its CIA Vault 7 data dump, WikiLeaks released a new set of documents on Thursday that point out to apparent hacking tools the intelligence agency have been using to infiltrate Apple’s Mac computers and iPhones. The latest leak comes two weeks after the organization published thousands of alleged CIA files which revealed how they break into Apple, Google, Microsoft, and Samsung devices, among others.

Thursday’s leaked documents are much more focused and only consist of just 12 documents, though, all involving Apple products. They show how the government agency cracks into some of the most locked-down consumer electronics devices available in ways that they could maintain access even if the owner reboots the handset. The CIA hacking tools are several years old, dating between 2009 and 2013, suggesting they may have already been updated or retired as new Apple hardware were released.

Sonic Screwdriver (2012)

Among the documents is a user guide from 2012 for the Sonic Screwdriver tool.  According to PC Mag, it describes the spy agency’s attempts to execute a code on peripheral devices while an Apple computer is booting up. The implant code was stored on an Apple Thunderbolt-to-Ethernet adapter, scanning all external and internal bootable drives to find one that would let it install a surveillance backdoor on bootup.

Once installed and the computer has rebooted, the infected Ethernet adapter would work normally again. The user guide details that CIA tested the tool on several MacBook models launched in 2011.

WikiLeaks CIA Hack

WikiLeaks CIA Hack: CIA tested the Sonic Screwdriver tool on several MacBook models launched in 2011.

NightSkies (2008)

Another leaked file which dates back to December 2008 describes “NightSkies,” a tool which was likely designed to target the iPhone 3G, the latest model during that time. According to the document, it can retrieve files including contact lists and call logs and also execute other commands. In a press release, WikiLeaks said the CIA “likely” accessed Apple products and infected them “by interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise.”

However, the document only included how they installed the malware on a “factory fresh” version of the 3G—specifically, those that were running the 2.1 version of Apple’s operating system, both of which are now nine years old.

WikiLeaks CIA Hack: Vault 7 “Dark Matter”

The said leaks are all part of the “Vault 7” data dump which the anti-secrecy organization first announced on March 7. WikiLeaks calls the trove its largest publication of confidential CIA documents yet. The WikiLeaks CIA hack is thought to give the manufacturers of the involved technologies a chance to address the vulnerabilities described in the documents before releasing them.

According to CNET,  Apple did not respond to the latest leak on Thursday. CIA, on the other hand, reiterated a statement from earlier in March. They are refusing to confirm nor deny the authenticity of the documents.

“It is CIA’s job to be innovative, cutting-edge, and the first line of defense in protecting this country from enemies abroad,” the agency said. “America deserves nothing less.”

Also Read: Apple Responds to Hacker Threats ‘No Breaches on any Apple Systems’

About the author

To Top