Wikileaks Releases "NightSkies 1.2": Proof CIA Bugs "Factory Fresh" iPhones

Tyler Durden's picture

The latest leaks from WikiLeaks' Vault 7 is titled “Dark Matter” and claims that the CIA has been bugging “factory fresh” iPhones since at least 2008 through suppliers.  The full documents are expected to be released after a 10 a.m. EDT “press briefing” that WikiLeaks promoted on its Twitter.

Here is a live stream of the pending press briefing with Julian Assange:

And here is the full press release from WikiLeaks:

Today, March 23rd 2017, WikiLeaks releases Vault 7 "Dark Matter", which contains documentation for several CIA projects that infect Apple Mac Computer firmware (meaning the infection persists even if the operating system is re-installed) developed by the CIA's Embedded Development Branch (EDB). These documents explain the techniques used by CIA to gain 'persistence' on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware.

 

Among others, these documents reveal the "Sonic Screwdriver" project which, as explained by the CIA, is a "mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting" allowing an attacker to boot its attack software for example from a USB stick "even when a firmware password is enabled". The CIA's "Sonic Screwdriver" infector is stored on the modified firmware of an Apple Thunderbolt-to-Ethernet adapter.

 

"DarkSeaSkies" is "an implant that persists in the EFI firmware of an Apple MacBook Air computer" and consists of "DarkMatter", "SeaPea" and "NightSkies", respectively EFI, kernel-space and user-space implants.

 

Documents on the "Triton" MacOSX malware, its infector "Dark Mallet" and its EFI-persistent version "DerStake" are also included in this release. While the DerStake1.4 manual released today dates to 2013, other Vault 7 documents show that as of 2016 the CIA continues to rely on and update these systems and is working on the production of DerStarke2.0.

 

Also included in this release is the manual for the CIA's "NightSkies 1.2" a "beacon/loader/implant tool" for the Apple iPhone. Noteworthy is that NightSkies had reached 1.2 by 2008, and is expressly designed to be physically installed onto factory fresh iPhones. i.e the CIA has been infecting the iPhone supply chain of its targets since at least 2008.

 

While CIA assets are sometimes used to physically infect systems in the custody of a target it is likely that many CIA physical access attacks have infected the targeted organization's supply chain including by interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Withdrawn Sanction's picture

Do you think the Apple symbol (an apple w/a bite out of it) is accidental?  Something about "...take the mark on your forehead or in your hand..."

JPMorgan's picture

As an American company the real question is Apple being complicit in this activity. 

TePikoElPozo's picture

does a bear shit in the woods ?

FreedomWriter's picture

JPMorgan, your otherwise excellent comment was only missing a sarc tag.

Complicity isn't even the question anymore. Very few of these companies can really put a stop to this as long as Uncle Sam keep his hand in the cookie jar.  Otherwise they'll be accused of colluding with the Russians or something.

Any governmental organization that has reached this level of unbridled corruption has no problem coercing a company like Apple (or Verizon, or ATT, or Microsoft, or Google, or Facebook, the list is so long) into weaving its evil web.

The thing people don't get is this: if the CIA can get into your phone, desktop or server, anyone with access to this technology can do the same. This is why cybercrime is skyrocketing and physical crime is decreasing. Mcafee projects that losses from cybercrime will reach 2 TRILLION USD by 2019. Is anyone paying attention?

The next question is when will people become angry enough to put a stop to it. 

"In a world of unlimited cyber vulnerability, protecting your private data will soon become a revolutionary act."

 

Downvoting by spy bots in 1...2...3.....

TePikoElPozo's picture

even the free obamaphones ??

UmbilicalMosqueSweeper's picture

CIA has to make sure their drug dealers aren't skimming dope or cash, doing independent deals, or working for the competition.

hooligan2009's picture

so the i-phone is a surveillance device used by the CIA to spy on foreign and US people, whenever the CIA feels like it, no matter where they are in the world and what they are doing?

friendly manitoba's picture

so cormey was lying this week. - obama didnt have trump tower tapped ...

there were 5000 taps already in place ...

kinda of like saying a bj isnt sex

big surprises - apple doesnt pay taxes. , and the spooks listen to fkn everything

soyungato's picture

Without Apple's consent CIA couldn't have screwed with the hardware. Apple has a shit load of cash. Are there lawyers out there willing to take the lead sueing them rotten Apple ?

SMC's picture

My iPhone monitors disapproved of this post...

SMC's picture

Cue big price cuts! lol.

GrokMarkets's picture

Why? With all that extra free software they must be worth more.

TePikoElPozo's picture

spying must have been difficult in the 90's

thank god for cell phones

VWAndy's picture

 Im pretty sure they had ways in the 80s.

LA_Goldbug's picture

And now we are so much safer !!! They must be catching the Bad Guys left and right. OK, there a few that get by but overall.

WE ARE SAFE AS CAN BE !!!!

http://linkbeef.com/wp-content/uploads/2016/04/46MMHOZM7557648T.jpeg

me or you's picture

Now you know why they went ditched  BB in favor of Apple, Windows  and Android.

SocialistPig's picture

designed to be physically installed onto factory fresh iPhones

which requires a factory-installed backdoor supplied by Apple.  (c.f. iPhone secure bootchain). 

oldguyonBMXbike's picture

Find the suppliers and put them out of operation.

Escapeclaws's picture

Apple makes the best stuff. I like the looks of that new ipad pro for a tablet. Thus stuff is expensive, but high quality. No doubt they havr all kinds of government backdoors. It could be that anyone who uses an Apple product will eventually go to prison for the crime of breathing.

Nevertheless, given that government snooping is there and every breath we take is duly noted at a big facility somewhere in Utah, I am more worried about private parties invading my privacy. For instance, the availability of software that permits a stalker to know where you are at any moment. I don't like it when I complain about something outloud and the I see an ad the next day, say, on Zerohedge that addresses the particular problem.

You can't even give to charity or worthy causes that help people without a massive invasion of privacy. Result is that I give nothing.

We can't stop the state, but can we stop private parties at least?

hooligan2009's picture

welcome to the world of trolling social media with the gods of Amazon, Google and Facebook.

it is a new age - soon there will be a "priesthood" of social media, where you can pay lots of money to go to confession.

what people should be more worried about is the security systems that are supposed to protect you from viruses, bugs and malware. THESE HAVE ALL FAILED - these companies should be sued for not providing the protections they advertized - have you ever wondered what is going on with all the whirrs anc clicking noises when a "scan" is being run? this could quite easily be a surveillance of all your files on your PC/laptop/notepad/phone.

you can use adblockers to stop the ads - 250 million people already do so - but then these blockers surveil your internet traffic in order to block the ads (tricky huh?)

anyways - watch out for a new priesthood of the internet, coming to a screen near you, very soon.

zvzzt's picture

i've got nothing to hide...

 

(/sarc)

Abaco's picture

They have no authority to look at the stuff I have no reason to hide.

Sebastianbelle's picture

Ok I am watching Spicer in the brief today and of course the MSM is asking about Nunes' findings and Spicer is imploring them to use their 'Investigatve' skills! Everyone at Freedom Watch, Zerohedge, InfoWars and Briebart knows what is going on expect this stupid gaggle of a 'Press Cesspool'!

aloha_snakbar's picture

Incidentally, here is your new $800.00 iBug phone... enjoy!

FreeEarCandy's picture

Feed the monster. Buy another phone. Makes me laugh and reminds me of this baboon video. You have to see this video ...

 

"How to find water when you have a monkey available to torture, some salt and a tree to hide behind for hours."

https://www.youtube.com/watch?v=YAy8LUmXPmo

 

Just like the baboon, people can't let go of their phone to save their own life. I seen this video over 30 years ago and never forgot it.    

BritBob's picture

There's a lot of spying going on...

Interesting to note that Snowden revealed that the UK was keeping an eye on Argentina and her Malvinas aspirations. But what is the strength of Argentina's Falklands' claim?

 

Falklands- Never Belonged to Argentina:

https://www.academia.edu/31111843/Falklands_Never_Belonged_to_Argentina

 

You can now kick what Wikipedia and what Argentine politicians have said into touch.

TheGardener's picture

But what the hell of a concern is it to you, my esteemed Sponge Bob ? Who the hell on earth could be bothered that the Malvinas are illegaly

claimed and occupied by the the not so great british brittle former empire of sorts ? Trump will give Alaska back before you get a single upvote about here except mine if you fully repent on your preposterous claims . Repentance for all your colonial sins ! /sarc

DEMIZEN's picture

haha lovely. Now I would like to see a bouquet of retards with "surpriced" faces. Like.. how could this happen to us?? LOL.  But why iPhones? 

DYS's picture

I remember back in the mid to late 1990´s when the federal legislation was passed REQUIRING ALL mobile phone MANUFACTURERS to embed the ability to turn on microphones remotely.   

cat2005's picture

It was passed into law?

rejected's picture

No kidding....

I'm shocked, I tell you,,, Shocked!

khakuda's picture

Now we know where the Stasi went when East Germany closed shop.

GernB's picture

I'm unclear on the use of the term "physically install" when applied to software :)

NoCommies's picture

hard coded...i.e. hardware

hibou-Owl's picture

Glad I brought Xiaomi phone, rather have a chinese spy than a stinking yank.
iShit overpriced, software is crap, and now someone spying.

I had three iShits, will never buy another.

me or you's picture

Xiaomi, ZTE and Huawei use their own processors...it's up to you the CIA or the Chinese. 

 

I chose the Chinese. 

 

* Remember Apple, Microsoft, Google and, Samsung are CIA/NSA run corporations. 

Infinite QE's picture

Current model of China is a zionist creation so I guarantee you they are spying as well.

Dominus Ludificatio's picture

ZTE just agreed to pay the US DOJ over 600 millions for selling phones to Iran.They are using the Qualcom chips (american).The others are propably using the same.

barysenter's picture

Your tax dollars at work, for organized crime. Bend over farther. Farther.

Raul44's picture

I think this is already old story therefore it was published. Right now I am more curious about CPU microcodes, even Linux dropped its own default one in favor of CPU companies proprietary. Also, article speak about MAC's but I find it unlikely Windows systems wouldnt have it as well, but no mention.

David Wooten's picture

What about BlackBerry 10 phones?  Are they too few in number to be worth bothering about?

Cirth42's picture

Is it possible that the outage Blackberries experienced years ago were intended by the CIA to kill the business and open backdoors?

Montana Cowboy's picture

Microsoft and Apple have obviously been heavily exploited. But where is the similar info on Linux? Am I missing it?

pparalegal's picture

EFI/UEFI firmware chips soldered onto the current motherboards. 

me or you's picture

You still can unmount the chips and reset it's not easy task but can be done. 

Hammer of Light's picture

We need a manual on this mate. Any idea's?

me or you's picture

If you don't have certain knowledge of electronic and programming it's kind of hard for one person to do it.

wiki.archlinux.org/index.php/Flashing_BIOS_from_Linux