WikiLeaks has published the second part of the CIA “hacker archive”

WikiLeaks today published the second part of its “Vault 7” leak of documents on the CIA's cyber-intelligence activities, called Dark Matter.

According to the documents, the CIA could physically infect Apple devices, including the iPhone, before their sale, and could access data by bypassing the built-in password protection and the particulars of the operating system. All the projects in question were developed in the CIA's Department of Embedded Systems (EDB), says WikiLeaks.

For example, the malicious code Sonic Screwdriver (named after the “sonic screwdriver”, the universal tool of Doctor Who in the series of the same name) is hidden in the firmware of a Thunderbolt-to-Ethernet adapter for Apple Mac laptops. It allows “code to run on the peripheral devices during the computer’s boot”, which makes it possible to infect the target computer, for example from a USB drive, bypassing the firmware password.

The program “DarkSeaSkies”, in turn, is a malicious implant in the boot loader (EFI) of Apple MacBook Air laptops, consisting of “DarkMatter” (affects the loader itself), “SeaPea” (affects the system programs) and “NightSkies” (affects the user's data area). Based on the dates of the documents, WikiLeaks claims that another similar piece of malware for Mac OS X, “DerStarke”, was used by the CIA until at least 2013, and that files on the development of a new version, DerStarke2.0, are dated 2016.

The leak also includes manuals for the program “NightSkies 1.2”, an implant for the Apple iPhone. WikiLeaks stresses that this program reached version 1.2 and is explicitly designed for installation on “clean” phones.

That is, since at least 2008 the CIA has been able to infect the smartphones of its targets by intruding into the supply chain.

“While CIA tools are sometimes used for physical intrusion into a victim’s system, it is likely that many of the attacks that involve physical access to the system occur through infiltration of the supply chain of the victim organizations, through mail orders and other shipments,” said WikiLeaks.

Apple has not yet commented on this new leak.
