Dark Matter Leak – CIA’s Mac Exploits Revealed

Wikileaks is at it again! Julian Assange and company have released the second part of the Vault7 leak called Dark Matter. Let’s find out what this leak is all about.

Sonic Screwdriver Exploit – Bypassing Mac Password 

This new leak shows how the CIA could hack into almost all Apple devices. It explains how the CIA used USB drives to insert malicious code into the macOS operating system.


Here’s how the complete attack process works.

  • The USB drive was loaded with an exploit named “Sonic Screwdriver”.
  • The USB drive was plugged into a Mac while it was booting macOS.
  • The USB drive loaded the attack software into the operating system.
  • The exploit would then bypass the administrator password, giving the hacker full access to your system.

To bypass protection, the CIA also used a Thunderbolt-to-Ethernet adapter manufactured by Apple to store the “Sonic Screwdriver” exploit.

Der Starke Exploit – Remote File Transfer

This doesn’t end here. The CIA also employed another exploit called “Der Starke”. Der Starke could hack into a Mac through an infected USB drive.

This exploit allowed the hacker to gain unprecedented access to the storage without the user’s knowledge. This malicious code was also completely hidden from all anti-virus applications.

“Der Starke” remained active even if the operating system was changed or reinstalled.

The CIA also has malicious software for iPhone called “NightSkies”. This code was loaded physically on factory-fresh iPhone devices. This exploit was used on legacy iPhone devices such as the iPhone 3G.

This shows Apple’s supply chain may not be as secure as we think.

It’s interesting to see how the CIA is using classic hacking tactics – bypassing security instead of attacking it head-on.

Am I in Danger?

No. These exploits are very old and Apple must have patched them already. There’s nothing you need to worry about right now. Here’s a confirmation by eminent security researcher Will Strafach.

Wikileaks is surely going to release more leaks soon. They might contain exploits that we actually need to worry about.

What remains to be seen is how many exploits the CIA has stocked up for iOS 10.

