
Wikileaks Releases “Dark Matter” and Identifies Hacking Targets of the CIA

On Thursday, March 23rd, WikiLeaks released the second part of its Vault 7 series of leaks from the CIA. The new leaks were released under the name “Dark Matter”. The Dark Matter leaks contain information on how the CIA targets and hacks the firmware of Apple’s Mac computers and OS X. Leaks from the first Vault 7 release showed how the CIA targets and exploits Apple’s iPhone and other devices which run iOS, and the Dark Matter release contains additional information on how the CIA is hacking Apple’s mobile hardware and software.

The new leaks expose how the CIA’s Embedded Development Branch has developed ways to infect Macs and iPhones by planting malware in a device’s EFI/UEFI firmware. Since at least 2008, the agency has been infecting the supply chain of iPhones of people they are targeting. The NSA conducts a similar program through its Tailored Access Operations (TAO) unit to intercept and install backdoors in routers, servers, and other networking equipment. The infected devices are then repackaged and have the factory seal replaced.

The name of this series of leaks refers to DarkMatter, which along with SeaPea and NightSkies makes up a set of EFI/UEFI firmware malware known as DarkSeaSkies. Once the CIA has physical access to a device, they can implant this malware. The DarkMatter firmware hack enables the CIA to gain “persistence” on Apple’s devices, so that even if the operating system is reinstalled, the device will remain infected and compromised. The CIA’s NightSkies malware acts as a beacon, allowing the agency to both monitor activity and execute commands and programs on the infected device. The agency’s SeaPea malware is a kernel-space implant designed to keep all files, processes, and network events hidden from the user, and to launch NightSkies upon booting the device.

Another piece of malware exposed in WikiLeaks’ Dark Matter release is Sonic Screwdriver. This malware is implanted through a Thunderbolt-to-Ethernet adaptor whose firmware has been infected with the malware.

Sonic Screwdriver remains effective even on Macs that have a firmware password. Sonic Screwdriver scans all media devices for a specific volume name, and if it finds the volume name it was looking for, it executes a UEFI boot of that device. The firmware of the Mac would then be infected with other malware, such as Triton or Der Starke. According to the Triton user guide, the malware can be used to execute tasks, and allows the CIA to access files and folders on the infected device. Der Starke is a much more powerful version of Triton. Der Starke is a diskless and persistent firmware malware, and it extracts data from the infected device through a browser process, which enables the malware to evade detection through programs like Little Snitch.

Apple, in a statement released to the press, claims to have addressed the vulnerabilities the CIA’s malware exploits in their devices years ago. Apple also refused to cooperate with WikiLeaks under the conditions WikiLeaks has demanded manufacturers agree to before it will provide them with the CIA’s malware. “We have preliminarily assessed the Wikileaks disclosures from this morning. Based on our initial analysis, the alleged iPhone vulnerability affected iPhone 3G only and was fixed in 2009 when iPhone 3GS was released. Additionally, our preliminary assessment shows the alleged Mac vulnerabilities were previously fixed in all Macs launched after 2013. We have not negotiated with Wikileaks for any information. We have given them instructions to submit any information they wish through our normal process under our standard terms. Thus far, we have not received any information from them that isn’t in the public domain. We are tireless defenders of our users’ security and privacy, but we do not condone theft or coordinate with those that threaten to harm our users,” Apple said in their statement.

WikiLeaks has also begun to compile a list of companies, products, and tools which are hacking targets of the CIA. Companies which WikiLeaks have confirmed to be hacking targets of the CIA include Apple, ASUS, Avira, CABLEVISION, Cisco, DLP, ESET, F-Secure, HTC, Huawei, Macronix, Microsoft, Nokia, Samsung, Siemens, Sony, and others. The list also includes tools which have been determined not to be targeted.

3 comments

  1. You deserve to get infected by the CIA if you use Apple products.

    However, I openly admit to using Android and having a Google account, however I will probably never be caught simply because I keep my Google activities and my cyber crime activities completely apart from each other.

    My closed source smart phone and my open source laptop never mix and because of that, I’m going on 4 years as black hat. #dcz

  2. Wikileaks may have finally opened up people’s eyes to what is really going on in our world. Everybody thinking our government is out for us and they use terrorism as their excuse to spy on us. It’s all garbage, it’s all about control. The NSA, FBI and the CIA are all the same. Would you put anything past them, that they would do the hacking. Wake up people, save our country now or it’s over. Also a safe search engine that doesn’t track you, a good old fashioned private search engine Lookseek.com. Have an awesome day.

    • Terry Luv

      We need far more people to wake up about the Gov’t of the USA. They’re PE #1 – literally.
      Any Gov’t that would unleash Islam upon its own people has no reason to exist.
      On the other hand the fact that the American people are so f lazy and gutless as to not only allow this shit to continue – they happily PAY for their own subversion! My thoughts are they don’t deserve to have America. There’s been far to many generations of good men who’ve fought and died to pass on a free country to their children to now have THIS generation of flop dicks pass a nation that’s not only worse for their kids but which will likely see them slaughtered in the streets for being white.
