WikiLeaks: CIA implemented bendory on iPhone and iPad at the stage of production devices
23.03.2017 1 Comment
WikiLeaks has published a new part of the package of documents 7 Vault belonging to American intelligence agencies. It was called Dark Matter, and describes how hacking Apple devices.
The publication contains documents that describe ways of hacking and infecting your Mac, iPhone and iPad. In particular, the publication spoke about the project Sonic Screwdriver, which provides for the possibility of hacking Mac computers by connecting a USB drive to the device. The infection occurs at the stage of restarting the computer. To use this method was only possible with the direct access to the computer.
Memory access is possible because the extensible firmware interface (EFI) in macOS results in the Thunderbolt port in working condition before the system is fully loaded. The CIA used two exploits: one Sonic Screwdriver is implemented as a modified firmware of a Thunderbolt adapter for Ethernet, the other DarkSeaSkies worked through a normal USB flash drive.
WikiLeaks noted that these bendory existed at least since 2010, and the CIA regularly updated.
Documents from pack Dark Matter also describe a few exploits for iOS, in particular NightSkies 1.2, developed in 2008. It is alleged that intelligence agencies have installed it on iPhone and iPad at the stage of Assembly and testing devices. According to WikiLeaks, thus intelligence has infected the Apple smartphones since 2008.
Note that the first part of the CIA documents were published by WikiLeaks on 7 March 2017. It contained almost 9,000 documents and files stored in the internal network of the Center for cierraspice in Langley. The site reported that it is less than 1% of the total documents. The CIA refused to confirm the authenticity of the information presented.
Representatives of WikiLeaks claim that the CIA hackers have developed many ways to “infection control and transmission of data” with smartphones iPhone, tablets iPad and other devices. Also, the security services were looking for a zero-day vulnerability, which might not know even the developers of the devices. It is known that on Android found 24 vulnerabilities in iOS seven.
Apple has announced that it has closed a significant portion of vulnerabilities that, according to WikiLeaks, used by us intelligence agencies to access the iPhone they are interested in. the company Representative said that the Corporation will continue to work on the security of the iOS operating system and asks users to promptly install updates. In Cupertino added that so far only skimmed the materials published by WikiLeaks.