On the tails of its damning CIA hacking bombshell, WikiLeaks on Thursday published another trove of documents outlining how the spy agency has been uploading secret software to Apple devices dating back to 2008.
Named 'Dark Matter,' the latest release shows that that CIA has been infecting iPhones since shortly after the product's launch in June 2007, and in some cases "interdicted mail orders and other shipments" to open, infect, and resend devices leaving the United States.
In its press statement, WikiLeaks said it was "noteworthy" that the NightSkies program, said to be a "beacon/loader/implant tool" for the Apple iPhone, "had reached 1.2 by 2008, and is expressly designed to be physically installed onto factory fresh iPhones. I.e the CIA has been infecting the iPhone supply chain of its targets since at least 2008."
TechCrunch observes: "It was quite powerful as NightSkies could access your address book, SMS conversations and call logs in order to upload it to the CIA’s servers. The agency could also execute commands on the iPhone remotely to install new tools and more."
"While CIA assets are sometimes used to physically infect systems in the custody of a target it is likely that many CIA physical access attacks have infected the targeted organization's supply chain including by interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise," WikiLeaks noted.
This technique was something that had been previously hinted at in documents released by National Security Agency whistleblower Edward Snowden.
Among other capabilities, according to the outlet, the second batch of Vault 7 documents reveal the so-called "Sonic Screwdriver" project which, "as explained by the CIA, is a 'mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting' allowing an attacker to boot its attack software for example from a USB stick 'even when a firmware password is enabled.'"
Pedro Vilaca, a security researcher who specializes in Apple computers, told Vice Motherboard that it appears that the CIA agents were "very early adopters" of this kind of hacking technology.
The document dump showcases many of the CIA's older hacking techniques but, TechCrunch points out that it remains "unclear if some of them still work today."