WikiLeaks: CIA Allegedly Hacked iPhones and Macs Before

It came to light this month (with the help of WikiLeaks and a cache of secret information) that the CIA allegedly hacked several Apple computers and cellphones almost ten years ago. These secret documents reveal some of the details of the agency’s hacking operations, but Julian Assange is adamant that’s “less than 1%” of what really went on. WikiLeaks commented in a press release, “These documents explain the techniques used by CIA to gain ‘persistence’ on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware.”

The hackers get in by targeting the UEFI, the Mac’s equivalent of the PC’s BIOS. Because the malware lives in firmware, a Mac stays compromised even after the operating system has been re-installed and the computer has been rebooted. The uncovered CIA documents show how the agency was ahead of its time in finding ways to compromise and hack Macs. “It looks like CIA is very interested in Mac/iOS targets, which makes sense since high-value targets like to use [those],” said Pedro Vilaca, a security researcher who knows Apple computers well. “Also interesting the lag between their tools and public research. Of course, there’s always unpublished research but cool to see them ahead,” he added.

According to one leaked document, the agency appears to have anticipated what later came out as the “Sonic Screwdriver”, in which Macs are infected with malware stored in the Apple Thunderbolt-to-Ethernet adapter. This looked to be the same attack that was dubbed Thunderstrike and showcased in 2014. But while Sonic Screwdriver allowed the user to bypass firmware on a Mac to install its tools, Thunderstrike allowed an adapter to overwrite the motherboard boot flash. There was also information in the documents, dating back to 2008, alleging that the CIA had created a malicious implant specifically for the iPhone that could be “physically installed onto factory fresh iPhones.” So these documents lead us to believe that the CIA does in fact know how to hack into iPhones and compromise them should it need to, just like the NSA.

