Hard Drive Recovery Associates

How True Are Hacking Attacks On Apple Devices?

Hacking is a common problem in our modern world. Whatever your computer, laptop or gadget may be, hackers do not discriminate and will do everything to break the integrity of your system and either steal your files or corrupt them.

As WikiLeaks unravels more mysteries for the world at large, it has just shared details about hacking incidents involving Apple’s Mac line and our country’s very own Central Intelligence Agency. However sophisticated a Mac’s hard drive may be, experienced hackers can still get through the system and infect your Mac computer or iPhone.

WikiLeaks just shared a few new documents as part of the CIA Vault 7 data dump. These documents describe hacking methods allegedly used by the agency to access Apple devices and upload data. Most of today’s exploits are related to the Mac platform. It’s interesting to see the CIA’s old hacking techniques. It’s unclear if some of them still work today.

Here’s an example of an easy-to-pull-off hacking attack on a Mac computer, which made the news several years ago, and how the CIA executed it to breach security and retrieve important data:

Sonic Screwdriver v1.0

This 2012 hack is quite neat as it uses a peripheral device to infect your Mac. In particular, the CIA was installing the malware on Thunderbolt-to-Ethernet adaptors.

After the CIA had flashed the dongle, it was quite easy to execute. By powering on the Mac, the code would automatically execute on the accessory and infect the firmware with something like Der Starke (see below).

It’s a silent attack and it would fool anyone. The accessory remains infected so you could end up attacking multiple Macs with the same device.

Does this sound familiar? Because when I read this, I instantly remembered Thunderstrike 2. Xeno Kovah and Trammell Hudson described the exact same exploit at Black Hat in 2015, three years after the CIA’s document.

Apple has fixed the exploit around the same time, so you should be fine.

(Via: https://techcrunch.com/2017/03/23/wikileaks-releases-new-cia-documents-describing-mac-exploits/)

And the recent WikiLeaks exposé reveals how vulnerable Apple’s Macs and iPhones are to hacking attacks.

WikiLeaks has released a new set of documents related to alleged CIA spying techniques, this time detailing tools purportedly used by the agency to gain access to Apple Mac computers and iPhones. It’s calling this new leak Dark Matter.  

The majority of today’s document dump, part of the organization’s larger Vault 7 leak, deals with ways the CIA could exploit Macs. It’s unclear if these tools are still in use today or would be as effective on newer machines, though Apple has patched at least one of the vulnerabilities detailed.

The first exploit is called Sonic Screwdriver, and it let the CIA execute code from a peripheral device onto a laptop or desktop while the machine was booting. The code would be carried on a Thunderbolt-to-Ethernet adapter and would execute when the target Mac powered on.

Apple recognized the potential for third-party devices to do this and patched the hole in 2015, as TechCrunch points out.

(Via: http://www.techradar.com/news/wikileaks-latest-leak-reveals-alleged-cia-exploits-for-mac-and-iphone)

There is reason to be scared if you are an Apple user: according to the claims, the CIA has zeroed in on this user demographic for a decade now, and no one is safe, considering the agency is said to target iPhone units that are fresh from the factory. Another reason for concern is that the bugs they use persist even after reinstalling iOS.

‘That means that this is a malware technique developed by the CIA to insert its malware and viruses into people’s computer systems, Macintosh computer systems, which doesn’t store itself on the regular hard drive that people use,’ WikiLeaks publisher Julian Assange said in a press conference live-streamed on Periscope today.

Instead, according to Assange, it will persist ‘even if you throw away your hard drive and reinstall your operating system.’

The leak also includes the manual for a program called ‘NightSkies 1.2,’ which is a ‘beacon/loader/implant tool’ for the iPhone.

So, always keep this in mind:

And, the program is ‘expressly designed’ to be physically installed in ‘factory fresh iPhones,’ Assange said.

This, in essence, means ‘the CIA has been infecting the iPhone supply chain of its targets since at least 2008,’ WikiLeaks claims.

(Via: http://www.dailymail.co.uk/sciencetech/article-4343102/WikiLeaks-claims-CIA-bug-factory-fresh-iPhones.html)

This is a serious concern for all of us ordinary citizens, because you may be subjected to these hacking attacks as long as you’re a Mac or an iPhone user. You can never tell whether the CIA was able to get to your gadget and implant a bug in it before you even bought it.

Moreover, the Apple Mac line is often used by the higher end of the market, so those users probably have more to lose once their data is lost, stolen, or hacked. The government has yet to respond to these accusations or explain to the public why these measures were undertaken to begin with. If proven, this is a clear breach of Apple users’ privacy. Now, the question is: why does Apple allow it to happen? What’s in it for them?