Wikileaks drops 'Dark Matter', part two of its Vault 7 CIA leaks
Released to the public on March 23, 2017, the second set of documents has been called 'Dark Matter'. Like with part one, it is said to include details of the CIA's global hacking program, and these documents describe hacking methods allegedly used by the agency to access Apple devices and upload data.
In particular, the documents explain the techniques used by CIA to gain 'persistence' on Apple Mac devices, including Macs and iPhones using, among others, the "Sonic Screwdriver" project. As explained by the CIA, Sonic Screwdriver was a 2012 "mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting". This would allow an attacker to boot its software from a USB stick, for example, "even when a firmware password is enabled".
Apple has responded to the disclosures from Wikileaks by saying it has completed a preliminary investigation on the new information. “Based on our initial analysis, the alleged iPhone vulnerability affected iPhone 3G only and was fixed in 2009 when iPhone 3GS was released,” the company said in a statement. “Additionally, our preliminary assessment shows the alleged Mac vulnerabilities were previously fixed in all Macs launched after 2013.”