#DarkMatter: Apple’s fix for CIA hacks disputed by WikiLeaks

24 Mar, 2017 20:33

Following WikiLeaks’ latest revelation that the CIA has been infiltrating Apple products for years, the technology giant released a statement saying all vulnerabilities have since been fixed, prompting WikiLeaks and others to dispute the claim.

“We have preliminarily assessed the WikiLeaks disclosures from this morning. Based on our initial analysis, the alleged iPhone vulnerability affected iPhone 3G only and was fixed in 2009 when iPhone 3GS was released,” Apple said in a statement. “Additionally, our preliminary assessment shows the alleged Mac vulnerabilities were previously fixed in all Macs launched after 2013.”

Apple was referring to CIA tools such as NightSkies, DarkSeaSkies, Triton and Sonic Screwdriver used to infiltrate the iPhone, MacBooks and desktops.

“Apple's claim that it has ‘fixed’ all ‘vulnerabilities’ described in DARKMATTER is duplicitous,” WikiLeaks tweeted in response. “EFI [Extensible Firmware Interface] is a systemic problem, not a zero-day [vulnerability in software or hardware that can be exploited to hack systems and is often later patched.]”

EFI loads a computer’s operating system and is behind the boot sequence of a computer.

“If you change something before that [booting], you’re controlling everything,” firmware hacker Karsten Nohl told Wired. “It becomes part of your computer. There’s no way of knowing that it’s there, and also hardly any way to get rid of it.”

“Darkmatter+Triton can be remotely installed. CIA has 2016 version: DerStake2.0. EFI is not fixable ‘vulnerability’,” WikiLeaks said.

WikiLeaks’ Dark Matter release Thursday explained that while many of the documents are from up to 2013, “other Vault 7 documents show that as of 2016 the CIA continues to rely on and update these systems and is working on the production of DerStarke2.0.”

Whether Apple has fixed all the vulnerabilities featured in Dark Matter, the documents show CIA’s capabilities and suggest it has likely continued to attempt to infiltrate newer Apple products.

The company responded to the first batch of documents released by WikiLeaks as part of its massive #Vault7 earlier this month. It said “many” of the exploits featured in the documents had already been patched in the latest iOS update and that it was working to “rapidly address any identified vulnerabilities.”

READ MORE: WikiLeaks publishes #Vault7: 'Entire hacking capacity of the CIA'