WikiLeaks has released a second set of documents from its so-called “Vault 7” set of information that allegedly details the tools the CIA uses to hack phones, computers, and other devices.

The second release is called “Dark Matter,” and according to WikiLeaks, it showcases some of the tools the CIA has used to hack the firmware of Apple smartphones and computers.

By injecting code into the firmware, Apple could allegedly infect a device in a way that makes it difficult to remove spyware even if you reinstall the operating system.

Mac Firmware Password screen

The good news is that hackers need physical access to a device to do this. The bad news is that this doesn’t necessarily mean the CIA has to sneak into your house and grab your phone.

WikiLeaks posits that “it is likely that many CIA physically access attacks have infected the targeted organization’s supply chain.”

In other words, government spies could try to infect a phone before you even receive it. You place an order, a government spy intercepts the order in transit, opens the box, installs the malware, and then repackages it and sends it on its way.

Is this something you should be worried about? Maybe, maybe not. The CIA is supposed to spy on people… although there should be systems in place to make sure these sorts of activities are only conducted against targets where there is reasonable suspicion.

So far I haven’t seen any evidence fro the Vault 7 documents suggesting that the CIA was breaking any US laws by using its hacking tools. But there is at least one thing worrying about the security vulnerabilities the CIA has to exploit in order to hack devices including iPhones and Macs: the documents allege that the CIA is aware of those security vulnerabilities, but withholds the information from Apple and other companies whose products are affected.

If the CIA can figure out how to hack into your phone using those exploits, then there’s a chance someone else could as well.

WikiLeaks has previously said that it will work with tech companies to identify and patch the vulnerabilities revealed by the Vault 7 documents. But the Vault 7 files and documents are already a bit old and it’s likely that the CIA and other government agencies already have a number of stockpiled exploits that are not mentioned in these documents.

Support Liliputing

Liliputing's primary sources of revenue are advertising and affiliate links (if you click the "Shop" button at the top of the page and buy something on Amazon, for example, we'll get a small commission).

But there are several ways you can support the site directly even if you're using an ad blocker* and hate online shopping.

Contribute to our Patreon campaign

or...

Contribute via PayPal

* If you are using an ad blocker like uBlock Origin and seeing a pop-up message at the bottom of the screen, we have a guide that may help you disable it.

2 replies on “WikiLeaks says CIA has been hacking iPhones, Mac computers for years (with tools that require physical access)”

  1. Breaking news from Wikileaks – these spy agencies have been spying on people!!!
    Lots of times the people haven’t even known it. To do it they compromised common items people store information on!!!

    Who would have thunk it…

    1. The surveillance state only kicks into high gear when friends and neighbors begin spying on each other, and report you for criticizing the government. People who complain that what’s happening here in the USA is as bad as what happened under Stalin or in East Germany have no idea what they’re talking about. There are reasons to be vigilant, but paranoia helps no one.

Comments are closed.