WikiLeaks: CIA Hacked Apple Devices in Ways Users Can't Fix

Advertisement
By Associated Press | Updated: 24 March 2017 10:25 IST

New documents from WikiLeaks point to an apparent CIA program to hack Apple's iPhones and Mac computers using techniques that users couldn't disable by resetting their devices.

Security experts say the exploits are plausible, but suggest they pose little threat to typical users. They say that many of the tricks are older - the iPhone hack involves the 3G model from 2008, for instance. The techniques also typically require physical access to devices, something the CIA would use only for targeted individuals, not a broader population.

Advertisement

"The most notable part of this latest WikiLeaks release is that it shows the CIA doing exactly what we pay them to - exploit specific targets with limited attacks to support our national interests," said Rich Mogull, CEO of the security research firm Securosis.

WikiLeaks Says It'll Work With Tech Firms to Defeat CIA Hacking

Apple didn't respond to a request for comment. The CIA has not commented on the authenticity of this and earlier WikiLeaks revelations, but has previously said it complies with a legal prohibition against electronic surveillance "targeting individuals here at home, including our fellow Americans." The agency declined further comment Thursday.

Document dump
The leaks Thursday come about two weeks after WikiLeaks published thousands of alleged CIA documents describing hacking tools it said the government employed to break into computers, mobile phones and even smart TVs from companies like Apple, Google, Microsoft and Samsung.

Wikileaks CIA Files: 5 Things We Learnt About Gadgets That Spy on You

The latest disclosures are much more focused and consist of just 12 documents, all involving Apple products. The documents describe techniques for rewriting devices' firmware in ways that would maintain a hacker's access even if a user resets a phone or computer to factory settings. Doing so wipes out all apps and the operating system and installs a clean version; it is an extreme measure sometimes used to deal with technical problems, but is also the sort of step that someone suspicious of surveillance might take when getting a brand new phone.

Advertisement

A December 2008 document describes "NightSkies," a tool apparently designed to target the iPhone 3G; the document claims it can retrieve files such as contact lists and call logs and execute other commands. WikiLeaks suggested in a press release that the "CIA has been infecting the iPhone supply chain of its targets since at least 2008."

Advertisement

However, the document describes only how to install the malware on a "factory fresh" version of the 3G - specifically, the iPhone 3G running the 2.1 version of Apple's operating system, both of which are now nine years old.

Caveats galore
But infecting all phones somewhere in the manufacturing process would be extremely difficult, said Mogull, especially given multiple layers of inspections conducted by Apple and its contractors. At most, he said, the CIA might have shipped a rogue phone individually to a target.

Advertisement

And while it's possible that the CIA developed similar techniques for later iPhone models, Mogull said iPhones from the past few years have much greater security, including digital security certificates that cannot be overwritten. A flag would be raised during the setup process if certificates do not match.

WikiLeaks 'Vault 7' CIA Dump: Are the Files Real and Are They a Risk?

Johannes Ullrich, director of the Internet Storm Center at the SANS Institute, said NightSkies might not even be a current project given that the document was last updated in 2008, while the leaks appear to have come in 2016.

Other documents released describe similar exploits for Mac computers. One hides in the firmware of Apple's Thunderbolt-to-Ethernet adapter and requires someone to plug in that adapter to install the malware. Another targets a specific Mac model, the MacBook Air with the Leopard version of the Mac OS system - current at the time, but now seven generations old.

Ullrich said the Mac exploits all appear old. He added that some of the Thunderbolt issues have been fixed to make the hack more difficult to pull off.

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Amazon Prime Day 2026: Top Deals on 65-inch Smart TVs
  2. Amazon Prime Day 2026: Best Deals on Soundbars From JBL, and More
  3. Best Camera Phones Under Rs. 30,000 for Content Creators in India
  4. Amazon Prime Day 2026: Best Deals on iQOO Smartphones
  5. Amazon Prime Day Deals 2026: Up to 70 Percent Off on These Projectors
  1. Best Camera Phones Under Rs. 30,000 for Content Creators in India: Motorola Edge 70 Fusion, Galaxy F56, More
  2. Boat Stone 900 Launched in India With Up to 80W Sound Output, Up to 15 Hours Audio Playback: Price, Features
  3. Cyberpunk 2077 Has Sold 40 Million Copies, CD Projekt Red Confirms
  4. Nothing Phone 1 Receives Final Software Update With Latest Security Patches, Bug Fixes and Improvements
  5. Nokia 235 4G (2026), 215 4G (2026) Launched Alongside Nokia 210 4G, and 200 4G With AI Assistant Button
  6. Samsung Galaxy S27 Ultra Battery Details Leaked; Could Top iPhone 18 Pro Max's Battery Capacity
  7. OnePlus Ace 7 Series Tipped to Feature 185Hz Display, 9,000mAh Battery
  8. WhatsApp Rolls Out Primary Device Support on iPad, Tests New Setup Screen for Android Tablets: Report
  9. Government Directs App Stores to Remove Malicious Apps Used to Disrupt E-Rickshaw Operations: Report
  10. Sony Reportedly Restructures Disc Factory After Announcing End of Physical Game Discs on PlayStation
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.