Skip to main content
  1. Home
  2. Computing
  3. Apple
  4. News

Apple responds to Wikileaks’ ‘Dark Matter’ release revealing CIA efforts to infect Macs

Add as a preferred source on Google

Wikileaks isn’t done with its Vault 7 release of CIA hacking documents, which has already created quite a stir by outlining various exploits that the CIA created for a variety of platforms. While Wikileaks has not revealed sufficient detail to allow the exploits to be easily used by cybercriminals, it has pointed nefarious parties in the right directions.

Now, Wikileaks has released another bundle of documents, dubbed “Dark Matter.” This time, the organization turned an eye to Apple’s Mac, with a number of exploits that are both insidious and persistent, MacRumors reports.

Recommended Videos

The leak highlights a specific CIA program, “Sonic Screwdriver,” that was created by the agency’s innocuous-sounding Embedded Development Branch. The exploit uses infected USB drives to inject code that attacks a Mac while it’s starting up and bypasses a user password to instead “boot its attack software.” Allegedly, the code has even been installed to modified firmware on Apple’s own Thunderbolt-Ethernet adapter.

Sonic Screwdriver isn’t the only exploit contained in the Dark Matter leak:

“DarkSeaSkies” is an implant that persists in the EFI firmware of an Apple MacBook Air computer and consists of “DarkMatter,” “SeaPea” and “NightSkies,” which are ,respectively, EFI, kernel-space and user-space implants.

Documents on the “Triton” MacOSX malware, its infector “Dark Mallet,” and its EFI-persistent version “DerStake” are also included in this release. While the DerStake1.4 manual released Thursday dates to 2013, other Vault 7 documents show that as of 2016, the CIA continues to rely on and update these systems and is working on the production of DerStarke2.0.”

As MacRumors points out, Dark Matter also has iOS in its sights, with a number of iPhone-related exploits that are injected into target devices during the actual manufacturing process. These exploits have allegedly been underway since 2008, or soon after the iPhone was first released:

“While CIA assets are sometimes used to physically infect systems in the custody of a target, it is likely that many CIA physical access attacks have infected the targeted organization’s supply chain, including by interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise.”

You can check out the Wikileaks source documents here. We’re likely to see additional leaks going forward, which, along with efforts to understand the documents that have already been leaked to date, will keep security analysts and the companies that make affected machines busy.

Apple has been quick to respond to the WikiLeaks Vault 7 leaks, and this one is no different. Apple provided a statement to Techcrunch, both about the Mac and iPhone exploits and Apple’s response to WikiLeaks in general:

“We have preliminarily assessed the Wikileaks disclosures … Based on our initial analysis, the alleged iPhone vulnerability affected iPhone 3G only and was fixed in 2009 when iPhone 3GS was released. Additionally, our preliminary assessment shows the alleged Mac vulnerabilities were previously fixed in all Macs launched after 2013.

“We have not negotiated with Wikileaks for any information. We have given them instructions to submit any information they wish through our normal process under our standard terms. Thus far, we have not received any information from them that isn’t in the public domain. We are tireless defenders of our users’ security and privacy, but we do not condone theft or coordinate with those that threaten to harm our users.”

Updated on 3-24-2017 by Mark Coppock: Added Apple’s statement.

Mark Coppock
Former Computing Writer
Mark Coppock is a Freelance Writer at Digital Trends covering primarily laptop and other computing technologies. He has…
How to install macOS 27 Golden Gate public beta on your Mac?
From a smarter Siri to a more reliable Spotlight, here's your full walkthrough for installing macOS 27 Golden Gate's public beta today.
macOS 27 Golden Gate

Along with iOS 27’s public beta, Apple has also released macOS 27 Golden Gate’s public beta build, so that early adopters can get their hands on the new features, including Siri AI, and provide timely feedback to help ensure a stable iOS launch in September. 

If you’re sold on all the new features but don’t want to put your faithful MacBook through developer beta duty, a public beta offers a much more refined experience. To install macOS 27’s public beta, follow the steps given below. 

Read more
Microsoft is finally fixing the worst thing about Windows Search, but you can’t try it just yet
Windows Insiders in the Experimental channel are getting a Search experience that finally feels less of a billboard and more of what users actually need.
Page, Text, Person

Windows Search has been a mess for years, and I do not use that word lightly. Open it to find a file, and you get trending Bing topics, Microsoft Store promotions, and an AI tools tile that just opens a browser. 

That is changing, but not immediately for all users. Microsoft is rolling out a batch of Windows Search improvements to Insiders in the Experimental channel, and for once, this isn't just a fresh coat of paint.

Read more
Apple doesn’t want to share this AirPods feature with Meta, but the EU may force its hand
Spring 2027, EU only, built under DMA pressure.
The front of the Ray-Ban Meta smartglasses.

I’ve been an AirPods user for the last four years, and one of the things that makes it genuinely hard to leave behind is the seamless, almost magical pairing experience across devices. Open an AirPods case near your iPhone, and a pop-up appears within seconds. Switch to your Mac and the audio follows. 

However, the experience is limited only to Apple devices. Doesn’t matter whether you have one of the coolest pieces of tech on the market right now; if it’s not Apple, it won’t get the same treatment. However, that might change for the Meta Quest or the Ray-Ban Meta glasses, thanks to pressure from the EU. 

Read more