A new Wikileaks release called DarkMatter was released today, affirming that the Central Intelligence Agency has long targeted Apple Macs, creating malware designed to evade the tech giant's security mechanisms. The leak also revealed the CIA had been targeting the iPhone since 2008, a year after the landmark device was released.
That slice of info was included in a small dump of information Wednesday, that included manuals for a handful of implants and rootkits - malware that can hide at the lowest level of Apple systems, the kernel and the firmware of the device.
One of CIA's implants was called NightSkies, a manual for which noted there was a version for iPhone, then appearing to list the year 2008, though Wikileaks claimed the tool was operational in 2007, the year of launch. "NightSkies 1.1 exists for the iPhone," a CIA manual read, in a document entitled DarkSeaSkies that dated back to 2009. "Currently, NightSkies does not have stealth and persistence capabilities."
In a document describing the NightSkies malware for an iPhone 3G running iOS 2.1, released in 2008, the CIA wrote that it effectively granted the agency full control over an infected device: "The tool operates in the background providing upload, download and execution capability on the device. NS is installed via physical access to the device and will wait for user activity before beaconing. When user activity is detected, NS will attempt to beacon to a preconfigured LP [listening post] to retrieve tasking, execute the instructions, and reply with the responses in one session."
And in detailing how a combination of tools including NightSkies would work on a Mac, the CIA wrote that it would act as "a beacon/implant that runs in the background of a MacBook Air that provides us with command and control capabilities. The implant will beacon periodically." Essentially, once the MacBook Air had been compromised following a physical installation, the CIA could access it whenever, and it would beacon out looking to be controlled by snoops within the agency.
https://www.forbes.com/sites/thomas...ks-cia-apple-mac-iphone-hacking/#22c712f51e3b