Earlier this month, Wikileaks dropped a massive amount of classified information purportedly obtained from the CIA. The leak revealed how the government agency has repeatedly built new tools to breach everything from iPhones to smart TVs. Today, Wikileaks unveiled even more information from its “Vault 7” archive of CIA intel, and this time it puts Mac users in the crosshairs.
The most damning pieces of info pertain to what the CIA calls the “Sonic Screwdriver” project. In its internal documentation, the CIA describes it as a “mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting,” essentially giving the exploit the ability to bypass passwords and other security features the user may have installed on the device.
Along with Sonic Screwdriver, the CIA also developed something it calls DarkSeaSkies, which burrows itself into the firmware of a MacBook and can survive an OS wipe, installing further exploits if needed. It also developed NightSkies, which can be installed on a brand new iPhone in order to give intelligence agencies a glimpse into what the eventual end user is up to. The documentation shows that some of these tools have continually been updated over time, with new notes appearing as recently as 2016.
These tools all require that the device be in the physical possession of the installer in order to be successfully loaded, which might sound like a pretty big knock on their usefulness, but Wikileaks suggests that the CIA has likely breached the supply chain between Apple and its targets, most notably in overseas markets.