Tuesday, 4 April 2017

WikiLeaks Exposes CIA's Device Surveillance Tricks

WikiLeaks on Thursday announced that it had released more Vault 7 documentation online, including details about several CIA projects to infect Apple's Mac computer firmware and operating system.

The site unloaded its first batch of stolen Vault 7 data earlier this month.

The CIA's Embedded Development Branch developed malware that could persist even if the targeted computer were reformatted and its OS were reinstalled, according to data WikiLeaks exposed.

The newly released files shone a spotlight on the CIA's efforts to gain "persistence" in Apple devices, including Mac computers and iPhones, via malware designed to attack their firmware.

One of the documents highlighted in Thursday's data dump exposes the "Sonic Screwdriver" project, which likely was named for the handheld tool wielded by the science fiction character "Doctor Who," as the device seemingly can bypass any digital or mechanical lock.

The CIA described it as a "mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting," according to WikiLeaks, to allow the attacker to gain access even if a firmware password were enabled.

Who Is Listening

The CIA has been infecting the iPhone supply chain of specific targets since at least 2008, a year after the release of the first iPhone, WikiLeaks claimed.

It also released the CIA's manual for "NightSkies 1.2," described as a "beacon/loader/implant tool" designed for use in infecting iPhones.

"Today's release appears to confirm that the CIA had developed tools to hack the iPhone well before most people ever owned one," warned Ed McAndrew, cybersecurity partner at Ballard Spahr and former cybercrimes prosecutor with the U.S. Attorney's Offices for the Eastern District of Virginia and for the District of Delaware.

"Infection within the supply chain illustrates how committed the agency was to widespread and persistent exploitation of these devices over the long term," McAndrew told TechNewsWorld.

"With malware development moving at light speed, it is frightening to think of how the CIA's hacking capabilities have likely advanced from back then to today," he added. "Unfortunately, this release may provide little that will be useful to Apple or its development partners in eliminating vulnerabilities in today's devices."

Controlling the Firmware

Also among the data released on Thursday is information on "DarkSeaSkies," a project that could implant UEFI (User Extensible Firmware Interface) -- a specification that defines a software interface between an operating system and platform firmware -- on an Apple MacBook Air computer.

EFI/UEFI, which is expected to replace BIOS as the connection between firmware and a system's OS, typically is installed at the time of manufacturing and is the first program that runs when a computer is turned on.

Controlling the UEFI would make it virtually impossible for anyone to remove the installed malware.

"If you want persistent access -- which is an exploit that will remain available to you even after a user updates her software -- then there is almost nothing better than control of the firmware," said Jim Purtilo, associate professor in the computer science department at the University of Maryland.

"This gives you control of the device even before the user's software starts to run on it, and your defensive measures will guard digital premises that have already been violated," he told TechNewsWorld.

Bridge Between Hardware and Software

The boot process reflects the increased complexity of modern devices -- that is, how many bridges between hardware and software must be erected when a device is powered up.

"It starts when a modest amount of hardware is used to load and execute commands which are stored in a special type of memory reserved just for this process, and these in turn will cause yet more commands to be loaded from the device's storage -- perhaps a flash drive," explained Purtilo.

"This is where it gets really complex, because there is s
