WikiLeaks Releases "Dark Matter" Proving CIA Bugs Factory-Fresh iPhones

in #news, 8 years ago (edited)



Dark Matter

23 March, 2017

The following is the press release from Wikileaks...

"Today, March 23rd 2017, WikiLeaks releases Vault 7 "Dark Matter", which contains documentation for several CIA projects that infect Apple Mac Computer firmware (meaning the infection persists even if the operating system is re-installed) developed by the CIA's Embedded Development Branch (EDB). These documents explain the techniques used by CIA to gain 'persistence' on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware.

Among others, these documents reveal the "Sonic Screwdriver" project which, as explained by the CIA, is a "mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting" allowing an attacker to boot its attack software for example from a USB stick "even when a firmware password is enabled". The CIA's "Sonic Screwdriver" infector is stored on the modified firmware of an Apple Thunderbolt-to-Ethernet adapter.

"DarkSeaSkies" is "an implant that persists in the EFI firmware of an Apple MacBook Air computer" and consists of "DarkMatter", "SeaPea" and "NightSkies", respectively EFI, kernel-space and user-space implants.

Documents on the "Triton" MacOSX malware, its infector "Dark Mallet" and its EFI-persistent version "DerStarke" are also included in this release. While the DerStarke1.4 manual released today dates to 2013, other Vault 7 documents show that as of 2016 the CIA continues to rely on and update these systems and is working on the production of DerStarke2.0.

Also included in this release is the manual for the CIA's "NightSkies 1.2", a "beacon/loader/implant tool" for the Apple iPhone. Noteworthy is that NightSkies had reached 1.2 by 2008, and is expressly designed to be physically installed onto factory fresh iPhones; i.e., the CIA has been infecting the iPhone supply chain of its targets since at least 2008.

While CIA assets are sometimes used to physically infect systems in the custody of a target, it is likely that many CIA physical access attacks have infected the targeted organization's supply chain, including by interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise."

If you support freedom and privacy please resteem this post and spread this information!

Source

https://wikileaks.org/vault7/darkmatter/?cia

I will be doing a full analysis of this most recent leak in the coming days.

Stay tuned.


You can view my previous analysis of vault 7 from the links below...

VAULT 7:CIA Targeting Cellphones and Bypassing Encryption

 Vault 7: Digital Forensics



Please upvote and resteem if you found this post interesting!

Follow my blog @digicrypt if you want to learn more!


It's a known fact among hackers that Apple bends over and takes it all from the three-letter-agencies. It's probably the most expensive tracking device you can own, with no security guarantees.

At least with the disclosure of these security holes they will be forced to patch them or admit they are deliberately leaving the back door open for the NSA or other nefarious parties.

Down with iPhones, up with whatever else!

Well known by the informed...yes. In my last vault 7 post https://steemit.com/wikileaks/@digicrypt/vault-7-digital-forensics @fortified asked "Do you think the software companies they have been compromised by the CIA will be in a position to sue?" My response: "I don't know but I would be surprised if they did. No company, especially software based, wants to advertise the fact their product was broken into. That being said, I would expect to see some consumer driven pressure as well as prosecution in the court of public opinion, a rebuke of the agency/spying and a renewed interest in internet freedom for an example. I would also keep an eye on what happens in Germany in regards to the revelations about the consulate in Frankfurt." In my opinion any meaningful change will have to be driven/demanded by consumers; as you say, the companies are complicit. The only way the companies will change is if their pocketbooks are affected.
