Wikileaks Releases "NightSkies 1.2": Proof CIA Bugs "Factory Fresh" iPhones

Tyler Durden's picture

The latest leak from WikiLeaks' Vault 7 is titled “Dark Matter” and claims that the CIA has been bugging “factory fresh” iPhones since at least 2008 through suppliers. The full documents are expected to be released after a 10 a.m. EDT “press briefing” that WikiLeaks promoted on its Twitter.

Here is a live stream of the pending press briefing with Julian Assange:

And here is the full press release from WikiLeaks:

Today, March 23rd 2017, WikiLeaks releases Vault 7 "Dark Matter", which contains documentation for several CIA projects that infect Apple Mac Computer firmware (meaning the infection persists even if the operating system is re-installed) developed by the CIA's Embedded Development Branch (EDB). These documents explain the techniques used by CIA to gain 'persistence' on Apple Mac devices, including Macs and iPhones, and demonstrate their use of EFI/UEFI and firmware malware.


Among others, these documents reveal the "Sonic Screwdriver" project which, as explained by the CIA, is a "mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting" allowing an attacker to boot its attack software for example from a USB stick "even when a firmware password is enabled". The CIA's "Sonic Screwdriver" infector is stored on the modified firmware of an Apple Thunderbolt-to-Ethernet adapter.


"DarkSeaSkies" is "an implant that persists in the EFI firmware of an Apple MacBook Air computer" and consists of "DarkMatter", "SeaPea" and "NightSkies", respectively EFI, kernel-space and user-space implants.


Documents on the "Triton" MacOSX malware, its infector "Dark Mallet" and its EFI-persistent version "DerStarke" are also included in this release. While the DerStarke1.4 manual released today dates to 2013, other Vault 7 documents show that as of 2016 the CIA continues to rely on and update these systems and is working on the production of DerStarke2.0.


Also included in this release is the manual for the CIA's "NightSkies 1.2", a "beacon/loader/implant tool" for the Apple iPhone. Noteworthy is that NightSkies had reached 1.2 by 2008, and is expressly designed to be physically installed onto factory fresh iPhones, i.e. the CIA has been infecting the iPhone supply chain of its targets since at least 2008.


While CIA assets are sometimes used to physically infect systems in the custody of a target it is likely that many CIA physical access attacks have infected the targeted organization's supply chain including by interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise.

TheMeatTrapper's picture

They should change the name of the company to CIApple. The millennials can then line up for them in the cold.

NugginFuts's picture

But seriously, who wants to track millennials? They lead a worthless lifestyle. 

Manthong's picture

It appears that some real patriots are blowing the lid off of the pervasive evil.

The Amendments only clarified what is the law of the land.


Start with the 4th one and then work your way up and down.

froze25's picture

That is simply not true about millennials. The only ones we hear about are the SJW's and they are in the far minority but get all the attention. The millennials I have on my staff are some of the most hard working, smart and no-bs members of our team. You know who is mostly worthless the older Gen X'ers (Late 40's). If they put half the effort into working as they do to knowing their union contract and the Administrative procedures manual (so they can do the bare minimum) they would be super stars and they wonder why they don't get raises.

PT's picture

I know a couple of good millennials. But they won't be working for you or anyone else. They built their own business.

froze25's picture

That's the thing, I know far more good than bad, I see on TV far more bad than good. I trust what I see with my own eyes and experience than what is just reported. Hence I know that diversity totally sucks, from experience.

TwelveOhOne's picture

There's a stock-trading term, "di-worse-ify", which juxtaposes nicely.

brianshell's picture

Would some insider please tell us about DeKalb Junction New York?

It has the second most active ping point in the US behind Microsoft but there is nothing except  a Corelle plant up there!?

JRobby's picture

Get your red iPhone! On sale this week!!!! Brand new color! Red!!!!!

Manthong's picture

I heard that Nokia is releasing a few zillion really cheap 4G dumb phones to the India market…

This could be a bit of a remedy for those concerned with the .gov snooping problem.

..and they will likely be fluorescent for the best market appeal there.

mtl4's picture

After seeing this, any wonder why Shillary was so stuck on using Blackberry?!


I think Blackberry really missed a huge opportunity as the anti-eavesdropping cell phone platform.

PrayingMantis's picture


... "Noteworthy is that NightSkies had reached 1.2 by 2008, and is expressly designed to be physically installed onto factory fresh iPhones. i.e the CIA has been infecting the iPhone supply chain of its targets since at least 2008."

... time to ditch those CiApple devices ... now you know why the Canadian Blackberry was killed off the US market ... they wouldn't play the US alphabet agencies' surveillance game ...


kavlar's picture

Shouldn't we worry more about Israeli spies who control US congress and did 9/11?

Mano-A-Mano (not verified) kavlar Mar 23, 2017 11:22 AM

That shitty country is the reason for all our loss of civil liberties.

They're the terrorists who started the ball rolling.

Logan 5 (not verified) bamawatson Mar 23, 2017 12:20 PM

C'Mon sheeps, pffffft!~ They NEED to spy on you to make sure you're eating your peas...


Otherwise ~ Chalky & the Wookie served zero purpose whatsoever

philipat's picture

Doesn't this all just confirm what we already know; that we live in a fascist State? And that is now based on the dictionary definition of fascism.

brianshell's picture

Ban dual nationals in government.

UmbilicalMosqueSweeper's picture

Ban dual mufflers, mirror dice, and raccoon tails.

Crash Overide's picture

If you're really trying to avoid prying eyes you use lo-tech/no-tech, if it connects to a cell tower/network it can be hacked...


Dugald's picture


CIA declared war on the world.......who goes to prison


JRobby's picture

Visual Script Direction Notes - Scene 17:

(Banner Ad Roll of Sheep Being Bludgeoned With a Lead Pipe That Has an iPhone Taped to THE END)

wren's picture

I knew it was a publicity hoax when Apple didn't want to allow the feds access to the phone that was used by the killers in the San Bernadillo Massacre. Like Apple really cares about giving your info to the feds...

Apple is a shit proprietary company that has somehow convinced people around the world that their product is as important as eating, and costs you as much to have an iPhone as it costs you to buy food each month. Oh but it has a camera and these really cool weather apps that cuss at you, and my selfie stick is made for the iPhone 7, but they will be coming out with an iPhone 8 soon. I sure hope my selfie stick works with it!

"Hi, my name is Lisa and I am in like 7th grade. Other kids in my class only have the iPhone 5, but I have the new iPhone 7. I go to school with such pathetic loooserrs. Everyone in my school is jealous of me and my new iPhone 7, cause it shows that my parents really care about me, because, you know, they spent a lot of money on me for this phone so it must show they like, really care, right? And the other kids in school chant my name as I walk down the halls because they're like so jealous of how much my parents love me. They are jealous because I'm like really rich, really cool, and my parents really love me too."


pods's picture

My wife has a selfie stick too. She keeps it under the pillow. Never knew you could use it with a phone.......


TheABaum's picture

pods, thanks. comment of the year!

Barney Fife's picture

Priceless wit. 


Mr. Universe's picture

I informed my eight year old that she will get a cell phone when she can afford to pay for one, just like a car and insurance. You want something, save and earn it. She understands.

but they will be coming out with an iPhone 8 soon. I sure hope my selfie stick works with it!

Sorry folks, but sadly no. Apple products are designed not to be backwards compatible without buying the proper adapters. While pushing things forward, it often is premature. The new Macbook Pro only has USB-C/Thunderbolt 3 ports. Great except you can count the number of devices that work natively on one hand, they just don't exist yet. Not only that but while the port is the same for USB/Thunderbolt the cables must match each type of device or no go. Great.

Barney Fife's picture

I doubt the move to USBC was motivated by that. I am working on a USBC project and the technology is orders of magnitude superior to legacy 2.0 and 3.0. You can drive 4K video through it and have gobs of bandwidth to spare. Plus it can charge at rates of up to 100 watts.

Besides, legacy adapters are cheap so that is not an impediment. I just bought my wife a Macbook Pro because they weigh 2 lbs. I am pissed about the firmware corruption though. Not surprised, but still extremely pissed.

Yes the word "corruption" is in a moral context, not a technical one. 

Troy Ounce's picture



It is all about the fuckability index. Most important in life, apparently.

Bigly's picture

You mean verizon red like other phones prior?


turnoffthewater's picture

And just think, Many think that Steve Jobs was the shit! Turns out, no pun intended

Joe Davola's picture

The final paragraph of the press release makes it sound like they only used this in targeted instances, the skeptic in me says they got people at Foxconn who'll do this on all devices. However, the downside to doing it on all devices is it makes detection more likely. So maybe it was just specific targets.

Ghost of PartysOver's picture

If I recall correctly Chief Justice John Roberts was originally a "No Vote" that would have sunk ObamaCare. Then mysteriously changed to a "Yes Vote" right before the verdict was released. Now it comes out that Judges were under surveillance. Connecting those dots paints a very ugly picture. Wonder what they had uncovered on Roberts for a little Extortion Party.

Pulp Culture's picture

Yup, Roberts did make an about face on the crapcare vote. Blackmail sounds like a strong possibility.

SoDamnMad's picture

Oh, you want to see the Robert's videos.  Wait and I shall go down to the vault and dig them out.  They are pretty juicy. You better take a couple shots and take a dump first.

Bigly's picture

Intuitively he does not strike me as a pedo. Arnold's illegal adoption or similar sounds more correct

Ace Ventura's picture

My guess is the slimey weasel has a penchant for pizza.

Arnold's picture

...please tell us about DeKalb Junction New York?

Near Fort Drum.
Fort Drum is currently being looked at as the location of a proposed Eastern United States missile defense site.[7]

land_of_the_few's picture

But the Kagans keep telling us the Russians are so weak and they should definitely be attacked... so this missile defense clearly isn't needed amirite? All bluff? :D

Perhaps for some reason they don't mind New York and other cities turned into a glass parking lot if they push their luck a little too far?

Or perhaps they have simply wildly misread the situation despite the information being public knowledge elsewhere. I.E. they are pig ignorant loons, idiot-savants.

brianshell's picture

Yes, Ft Drum also has a branch of dyncorp. There is another government cyber contractor near DeKalb, Xervant as well but it's difficult to find any server farm installation or substation in the area.

Reference George Webb's findings on dyncorp.

Also several pieces by Mary et al.


In Ze No's picture

Check your Google maps, they're an hour away from each other

  Funny thing is Clarkson University in the same general area was high on that attacker map besides Microsoft a few days ago.  Thought that was odd.