Author Topic: WikiLeaks Vault 7: CIA Infects "Factory Fresh" iPhones  (Read 49 times)

0 Members and 1 Guest are viewing this topic.

Offline Quizmaster

  • Flying Nurse
  • Seasonal Competition Team
  • *
  • Posts: 23301
    • Smokey's Security Forums
  • .: Surf Queen
WikiLeaks Vault 7: CIA Infects "Factory Fresh" iPhones
« Reply #1 on: March 23, 2017, 07:12:40 PM »
WikiLeaks Vault 7: CIA Infects "Factory Fresh" iPhones
23 March 2017, 4:56 pm

Vault 7 revelations are back via WikiLeaks, and it seems that iPhones are the center of attention this time as documents reveal that the CIA has been infecting macOS firmware and "factory fresh" iPhones for years. 

If the first time around we saw a trove of documents regarding all types of exploitations the CIA can make use of, this time we're focusing on Macs and iPhones. 

For instance, the "Dark Matter" documents discuss one project called "Sonic Screwdriver." Created by the CIA's Embedded Development Branch, the Screwdriver is a mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting. 

In short, an attacker could install malicious software on your device via a USB stick, even if a firmware password is required. The infector for this particular tool is stored on the modified firmware of an Apple Thunderbolt-to-Ethernet adapter. 

Then, another project is "DarkSeaSkies,... (read more)

Source: Softpedia News / Security

>> To obtain the full Softpedia Security News article, click the link in the first post line <<

 


Except where otherwise stated, all content, graphics, banners and images included © 2006 - 2018 Smokey Services™ -- All rights reserved
Design board graphics, banners and images by DSTM & PseFrank

This site does not store profiling-, tracking-, third-party and/or any other non-essential cookie(s) on client computers and is fully compliant with the EU ePrivacy Directive
Smokey's does not use any Web Analytics/Analysis Service, and also does not use any browser fingerprinting techniques



Smokey's also provides free fully qualified Log / Malware Analysis & Removal Help and System Health Checks