WikiLeaks’ CIA Vault 7 Documents Reveals Know-How Of Covert Hacking Operation For Mac Devices

By Edwin Kee
Apple logo
Apple has sent a letter to the US National Highway Traffic Safety Administration (NHTSA). It seemed to confirm the interest of the company in the further development of self-driving technology. The company has expressed excitement about automated systems in areas such as the transportation but asked NHTSA not to impose too many restrictions on testing self-driving cars. Rob Pongsajapan via Flickr

WikiLeaks have been in the eye of the storm for a long time now, having made its mark by releasing documents of government wires to the masses which certainly riled more than just a few feathers. This time around, we have a whole new batch of CIA "Vault 7" documents which have been published already. This second batch of such documents point to the tricks of the trade employed by the CIA in penetrating different kinds of Mac hardware. While that might sound scary, none of these happen to be that alarming, since the published penetration methods do not imply to be accompanied by wide-reaching consequences, as they all need some sort of physical device access before implementation.

Skies and everything dark
The second batch of “Vault 7” documents is definitely not as large as the first. This time around, it focuses on plenty of Apple hardware, with a handful of macOS vulnerabilities as well as attack vectors that make use of the EFI routines which happen to control the boot process. "DarkSeaSkies" is used to target the MacBook Air, where it will make use of an EFI injection that is known as "DarkMatter". This will result in the installation of a "SeaPea" kernel attack, whereas "NightSkies" happens to be a piece of malware and keylogging combination.

The DarkSeaSkies package will be delivered via a "Sonic Screwdriver" which comes in the form of either a USB flash drive or modified Thunderbolt to Ethernet adapter. DarkSeaSkies will take advantage of a Thunderbolt exploit has since been patched a couple of years back after its discovery in 2014, so there is not much to worry about.

The iPhone is not immune, either
What is interesting to note is the fact that the CIA had already begun to look for ways to hack into the iPhone just a year after it has been released. This was confirmed by an offshoot of "NightSkies", which also happens to be available for the iPhone back in 2008. The “NightSkies” variant is installed through "interdicting mail orders and other shipments", but at the very least, this is not a remote attack of any kind.

OS X Mavericks could be vulnerable
Something that is far more recent would be OS X Mavericks, where the "DerStarke" package might actually be used to break into OS X Mavericks when it was still being developed. This particular package continues to target the EFI compromise, but it certainly does not seem to be that potent as the "SeaPea" vector which does a pretty good job at targeting the MacBook Air.

Do take note that the EFI exploits continue to remain after a reboot, due to a self-reinstallation process post reboot if left unmitigated. An Apple firmware update would do the trick when it comes to a permanent resolution. However, this will not be the case if someone has physical access to the machine to perform a reinfection.

So far, it seems, that the CIA's Center for Cyber Intelligence (CCI) group has targeted over 10,000 individuals around the world with a myriad of devices: iOS, Windows, and Android falling under their “umbrella”, smart TVs included.

  • [Exclusive Interview] A revelation within the brink of life and death — Meg Leung’s mission in Christian art

    Meg Leung (梁麗橋), an artist with a lifelong love for watercolor painting, sees her art as more than a means of expressing her inner world; it is a bridge connecting her to God. Her artistic journey has revealed God’s perfect plan and inspired her to communicate the power of faith through her wor

  • Transgenderism a fundamental human right? Hong Kong public disagrees, survey finds

    A 2024 survey from the Society for Truth and Light (明光社)'s Center for Life and Ethics Research reveals that respondents from various backgrounds prioritize personal safety and fairness when it comes to transgender issues. When laws involve moral judgments, most respondents believe courts should not make the decisions. The study also indicates that religious believers share similar views with non-religious respondents, reflecting that many churches may rarely address gender topics in depth.

  • Discipleship and Evangelism: Walking the Path of the Great Commission

    Like an ever-flowing spring, the gospel refreshes dry, parched lands and needs our unwavering passion and steadfast faith to transform lives and bring renewal. The "flame in our hearts" calls Christians to keep their faith and love for the Lord ablaze, representing the work and power of the Holy Spirit, driving us to proclaim God's glory boldly.

  • North America Chinese Evangelical Seminary year-end report highlights significant ministry progress

    As the year draws to a close, Rev. James Liu, President of the Chinese Evangelical Seminary North America (CESNA), reflected on the seminary’s remarkable growth and ministry development over the past year. Dedicated to providing theological education to Chinese Christians, CESNA continues to uphold its mission to remain faithful to the gospel and nurture believers. This year’s achievements span academic, ministerial, and outreach endeavors, fostering spiritual growth and advancing missionary wo

Top Stories