WikiLeaks on Thursday released new documents detailing what it believes is the CIA's method for hacking an iPhone even if the operating system is deleted and reinstalled.
According to the documents, hackers working for the U.S. government could breach iPhones and install malicious software in the devices’ “firmware”, which is their permanent software. If true, it means a targeted iPhone owner would never be able to remove the hacking software. Even a “factory reset”, in which all data is deleted and the operating system is reinstalled, could not remove the firmware hack. The program is called NightSkies, and the documents discussing it date to 2008, soon after the first iPhone was released.
The leak notes that the version of the program was described as “1.2”, but there was no evidence that the program was still in use or that it could infiltrate contemporary iPhones. Other hacks targeting Apple devices covered in the leaks, however, appeared to be more recent. One project, Sonic Screwdriver, dating to 2012, hacks Apple laptops and desktop computers by first hacking into the Ethernet cable adapter for the computers. Several other programs revealed in the leaks, Triton and Der Starke, date to 2013 and could be implanted by a remotely located hacker online or by someone who has physical access to targeted computers. Once installed, the software is practically invisible to the computer’s user and could easily transmit files to the CIA undetected. In a statement emailed to Anadolu Agency, Apple said it had already addressed the vulnerability issues.
“Based on our initial analysis, the alleged iPhone vulnerability affected iPhone 3G only and was fixed in 2009 when iPhone 3GS was released,” the company said. “Additionally, our preliminary assessment shows the alleged Mac vulnerabilities were previously fixed in all Macs launched after 2013,” it added. The CIA did not respond to an Anadolu Agency request for comment. WikiLeaks suggested that many of the hacking programs could be installed on devices intercepted by the CIA while being shipped abroad. “While CIA assets are sometimes used to physically infect systems in the custody of a target it is likely that many CIA physical access attacks have infected the targeted organization's supply chain including by interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise,” WikiLeaks said in a statement alongside the leaked documents.