WikiLeaks releases documents on Macbook and iPhone CIA hacking tools

When Edward Snowden made his claims that the NSA was tapping into personal data and had access to many people’s computers, a lot of folks took it as “random” news, or “just another headline”. Earlier this month, whistle-blowing website WikiLeaks published thousands of documents that reveal various ways in which the CIA is able to break into your smartphone, computer or Samsung Smart TV. It has now published a second batch of documents, called Dark Matter, showing that the CIA is in possession of malware able to easily get into iPhones or MacBooks, too.

Sonic Screwdriver is the name of one of the CIA’s tools. It affects Mac computers through a Thunderbolt-to-Ethernet adaptor, and the same adaptor can affect more than one computer if it is used on multiple devices. You don’t really need to do anything specific, as the malware automatically infiltrates the device when the dongle is plugged in. The software gets to the very core of the system, making it incredibly hard to detect and remove. In this sense, Sonic Screwdriver has been compared to a known bug called Thunderstrike 2, which was discovered to plague Macs two years ago. Even though they seem to have borrowed the name of their malware from Doctor Who’s sci-fi tool, the CIA definitely found a cool application for it, hands down.

Triton and Der Starke are two other malware tools that the CIA uses to remotely gain access to data on computers. They can tap into computers from pretty much anywhere on the globe, giving the CIA virtually free entry to any stored files or folders. Once installed, these are kind of impossible to remove and are said to remain in the computer even after macOS reinstallation.

Dark Matter also reveals the NightSkies tool, which allegedly affected the iPhone 3G and its iOS 2.1. The malware gave the government agency access to quite a lot of information on the smartphone, and also allowed it to execute commands on the device remotely.

These tools are quite old, though, and no longer in operation. However, we simply can't help but wonder whether the CIA has updated versions of its tools to work with contemporary iOS and Android code. *Big Brother theme song plays*

source: WikiLeaks via TechTimes



1. Landon

Posts: 1248; Member since: May 07, 2015

Apple fan: "I love Apple products because they never crash and can't be hacked." CIA: "Hold my beer."

2. Unordinary unregistered

"We have preliminarily assessed the Wikileaks disclosures from this morning. Based on our initial analysis, the alleged iPhone vulnerability affected iPhone 3G only and was fixed in 2009 when iPhone 3GS was released."

4. gigicoaste

Posts: 463; Member since: Feb 21, 2016

don't be naive! what makes you think that they don't hold other tools for current devices? WikiLeaks shows tools from 2009, you really believe that since then they were not keeping up to updates? no matter what it is mac or android or windows..

5. mikehunta727 unregistered

Did you like not read his comment or something? How is being naive? He literally said no smart device is safe from this

11. Arch_Fiend

Posts: 3951; Member since: Oct 03, 2015

I think his reply is for ordinary, since he says some bs about an iPhone 3g fix from 2009.

12. mikehunta727 unregistered

Ah okay, PA comment system is pretty trash, I assumed he replied to you since the comment box is shifted over to the right under your comment lol

15. Arch_Fiend

Posts: 3951; Member since: Oct 03, 2015

It is trash, I still don't like that there is a view all comments button now like wtf, it was fine before smh.

16. mikehunta727 unregistered

Yeah.... Pretty dumb man

30. lyndon420

Posts: 6883; Member since: Jul 11, 2012

PA definitely needs to tweak their comment section a little bit so every single comment has an actual response # attached to it - some have one while others don't.

34. Arch_Fiend

Posts: 3951; Member since: Oct 03, 2015

I agree!

19. gigicoaste

Posts: 463; Member since: Feb 21, 2016

as he was saying, was a general comment.. as I'm sharing his opinion! I can see my comment as a reply of his.. the comment system totally crap..

7. mikehunta727 unregistered

This hack required physical access to the devices, possibly done on the supply chain or en route to customers before they are delivered

21. marorun

Posts: 5029; Member since: Mar 30, 2015

Unordinary, do you think they don't keep updating those tools? Seriously, some Apple users (not all of them) are pretty much blind.

35. tedkord

Posts: 17479; Member since: Jun 17, 2009

"Only 9 phones bent." "All phones have the same antenna issue."

3. Arch_Fiend

Posts: 3951; Member since: Oct 03, 2015

Everything with a wireless connection can be hacked, no computer or smart device is safe.

10. Landon

Posts: 1248; Member since: May 07, 2015

I know. I was just making a funny. :D There was a 60 minutes episode that was pretty alarming. They briefly describe the episode in the link below.

6. Subie

Posts: 2428; Member since: Aug 01, 2015

If the CIA has these tools, who knows what other agencies around the world might have at their disposal...

9. TechieXP1969

Posts: 14967; Member since: Sep 25, 2013

A phone is just a computer on a network. Any network device can be hacked. Some may be harder, but harder is not equal to impossible.

36. AlikMalix unregistered

Techie why don't you ever post these type of comments: short, to the point, and without bantering on others choices. Great post. You got a +1 from me.

8. TechieXP1969

Posts: 14967; Member since: Sep 25, 2013

There was recent mention that any phone on GSM-based carriers can be hacked and calls can be intercepted. It is also possible on CDMA networks, but much harder. Harder is not equal to impossible. The fact is your carriers can intercept any call they may need to and text messages too. You think the Gov't can't do the same? Who do you think AT&T's biggest customer is? All Federal Employees that have a Gov't issued phone use AT&T.

38. jack123

Posts: 278; Member since: Jan 07, 2013

I heard even smart TVs are also vulnerable for hacking too.

39. TechieXP1969

Posts: 14967; Member since: Sep 25, 2013

Yes I heard. But what would you need to hack on a TV? To see what I watch? They don't have cameras and they don't contain personal data. So even if someone did hack a TV, they couldn't do anything other than possibly break it. My networking products are at home behind a firewall. It's 256Bit Encrypted. I wish any hacker luck.

13. Plasticsh1t

Posts: 3109; Member since: Sep 01, 2014

Edward Snowden got competition with fellow user Klinton. Klinton where you at?

14. mikehunta727 unregistered

My two cents; companies like Google and Apple will always be a step or two behind NSA/CIA in this regard but that doesn't mean that Google and Apple and others can't make life harder for them with hardware changes/updates to OS that close out known holes/exploits in the OS/kernel/firmware that are potentially already being used by them.. thus making them have to find new ways to exploit/gain access whether it's through an actual physical breach on the device or through known exploits in the software. The CIA probably intercepts every single shipment of electronics that comes in the U.S and implements w.e

17. TechieXP1969

Posts: 14967; Member since: Sep 25, 2013

Samsung offers Samsung Knox, which offers an extra layer of 256Bit Encryption to their devices, on top of what Android already offers. But just remember, all these phones are also certified for Gov't usage. So I am sure when a new phone arrives, they buy it and try to reverse engineer the software, or hack the phone until they break in. The fact is, it doesn't matter how often the phone is updated, because the Feds update their phones too. In fact before an update is rolled out to a Govt phone, it is handled by their internal IT.

18. mikehunta727 unregistered

Samsung Knox has been broken multiple times by blackhat hackers at pwn2own events, etc. Knox is good from most blackhat hackers/random people who steal your device but does very little when it comes to nsa/cia. And yes it does matter how often phones are updated to a certain extent which I mentioned in #14. It makes their life just a bit harder but by no means impossible at all for them. If information comes out of a leak such as this, companies can respectively patch the holes that have been revealed in leaks, but like I said they will always be 2 steps ahead and absolutely are exploiting known holes that potentially don't get patched and discovered for years and no one has a clue about besides them until then. And encryption even on Nougat is pretty poor still by today's standards. Google has to do more. Nougat is missing some critical important encryption functions that have been in iOS 4 for years now

20. mikehunta727 unregistered

Also, the backbone of Android (SELinux) was made by the NSA/Department of Defense

23. marorun

Posts: 5029; Member since: Mar 30, 2015

24. mikehunta727 unregistered

At that time yes, iOS 8 just introduced FDE. But iOS 10 is easily more secure than Knox nowadays. Quote from CEO of Zerodium, largest blackhat hacking company in the world that is currently offering $1.5 million for each iOS 10 exploit and only $250k for Android Nougat exploits:

"Prices are directly linked to the difficulty of making a full chain of exploits, and we know that iOS 10 and Android 7 are both much harder to exploit than their previous versions," he told Ars. Asked why a string of iOS exploits commanded 7.5 times the price of a comparable one for Android he said: "That means that iOS 10 chain exploits are either 7.5 x harder than Android or the demand for iOS exploits is 7.5 x higher. The reality is a mix of both."

Not to mention also that Nougat is missing some critical encryption features that have been present in iOS 4 (over 6 years ago). Knox is really only just as secure as the OS is; if there is a known CVE in Android that hasn't been patched yet to the device, it can bypass Knox no problems at all

25. mikehunta727 unregistered

Knox is designed to enhance security of the operating system. However, the flaws allowed full control of the Samsung Galaxy S6 and Note 5 that were used during the testing process. The exploits required an existing flaw to work. Viral’s security research team used an existing kernel vulnerability known as a write-what-where flaw, CVE-2015-1805. The group clarified that “any such vulnerability can be used” to exploit the flaws.

“Once you have the existing vulnerability this one overcomes all of Samsung’s protection mechanisms and gives you complete control of the device,” the group’s founder told Wired. The team was then able to avoid protections of the RKP and execute their own code.
