
WikiLeaks: CIA tools could infiltrate MacBooks, iPhones

A new series of leaked documents appears to show tools from as far back as 2009 that could infect Apple products. They required physical access.

Laura Hautala Former Senior Writer

Armed with a fresh set of leaked documents, WikiLeaks said Thursday that the US Central Intelligence Agency has developed tools to infect Apple products like iPhones and MacBooks.

The tools, which date from between 2009 and 2013, are unlikely to affect current Apple hardware. They show a spy agency attempting to crack into some of the most locked-down consumer electronics devices available, using hacking methods that require the agency to directly access the products.

CNET is unable to verify whether the documents are real or have been altered.

In a press release, WikiLeaks said it's "likely" the CIA accessed Apple products and infected them "by interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise."

The CIA responded by reiterating a statement from earlier in March, declining to comment on the authenticity of the documents. In that earlier incident, WikiLeaks issued leaked documents revealing a cache of hacking tools that targeted the operating systems of popular phones and PCs, as well as a hacking tool for a Samsung SmartTV that required physical access.

"It is CIA's job to be innovative, cutting-edge, and the first line of defense in protecting this country from enemies abroad," the agency said. "America deserves nothing less."

Apple said late Thursday that the iPhone vulnerability affected only the 3G and was plugged in 2009 with the release of the 3GS. Meanwhile, the Mac vulnerability was fixed in all Macs released after 2013.

"We have not negotiated with Wikileaks for any information," Apple said in a statement. "We have given them instructions to submit any information they wish through our normal process under our standard terms. Thus far, we have not received any information from them that isn't in the public domain."

The tools target Apple's firmware, which is software that permanently runs on electronics to run fundamental processes.

One tool revealed on Thursday, dubbed "Sonic Screwdriver" in the alleged CIA documents, could infect MacBook firmware through the Thunderbolt port. The approach takes advantage of a flaw similar to a problem described by security researcher Trammell Hudson in 2015. They developed a hacking tool they dubbed "Thunderstrike 2" that infected MacBook firmware through the Thunderbolt port based on the flaw, which Apple patched in 2015.

Another tool described in the cache sought to infect iPhones as early as 2008, WikiLeaks said in its press release. The tool had been developed to version "1.2," the organization noted, suggesting that "the CIA has been infecting the iPhone supply chain of its targets since at least 2008."

Regarding the tools revealed by WikiLeaks on Thursday, Hudson wrote on his blog that, "they are all fairly old and probably don't reflect the state of the art for the CIA Operations Group."

Originally published March 3 at 12:58 p.m. PT

Updated at 6 p.m. PT with Apple statement.
