The Central Intelligence Agency is able to permanently infect an Apple Mac computer so that even reinstalling the operating system will not erase the bug, according to documents published today by WikiLeaks.
In its second release allegedly from the CIA’s arsenal of hacking tools, WikiLeaks also said that it appears the US spy agency has been able since 2008 to insert it bugs onto new and unused iPhones by intervening in Apple’s supply and distribution network. The release follows the initial publication on March 9 by the anti-secrecy group of thousands of pages of instructions band code from what it called the entire CIA arsenal of hacking tools.
The documents are generally believed to be genuine, although the CIA has not acknowledged this.
The publication of the documents sparked a US counterintelligence investigation into how the documents leaked out from the CIA and made their way to WikiLeaks, with some people pointing fingers at the agency’s use of private subcontractors as a likely source. The newest documents focus on how the CIA targets Apple’s popular personal electronics to spy on users.
They show the CIA developed a tool in 2012 called “Sonic Screwdriver” that can hijack an Apple computer’s password-protected boot process from peripheral devices like adapters and USB drives. By doing so, they can inject a undetectable bug deep into the computer’s essential firmware that will not be erased even when the computer is reformatted.
The manual for the “NightSkies” bug shows that the CIA developed it in 2008 to be implanted physically in brand new iPhones.
“While CIA assets are sometimes used to physically infect systems in the custody of a target, it is likely that many CIA physical access attacks have infected the targeted organization’s supply chain including by interdicting mail orders and other shipments,” WikiLeaks said.
The documents provide a glimpse into the workings of the CIA. One showed the agency urgently trying to adapt NightSkies to a certain Apple laptop.
The agency “has the opportunity to gift a MacBook Air to a target that will be implanted with this tool,” one 2009 document said.
“The tool will be a beacon/implant that runs in the background of a MacBook Air that provides us with command and control capabilities.”