WikiLeaks today released Dark Matter, which is part of the Vault 7 CIA data dump. The documents reveal the hacking methods apparently used by the organization to gain access to Apple devices and manipulate them in whatever manner they like. The majority of the disclosed exploits target the Apple Mac platform. These hacking methods were allegedly developed by the agency's Embedded Development Branch (EDB).

Sonic Screwdriver v1.0

This hack uses a peripheral device to infect your Mac. According to the latest claim, the CIA installs the malicious software on Thunderbolt-to-Ethernet adaptors. The attack proceeds once the dongle has been flashed.


When the device is powered on, the code on the dongle runs automatically and infects the Mac firmware. This is a silent attack: the accessory remains infected and has the potential to spread the infection to other Macs.

Although Apple has already resolved this kind of exploit, it is best to always update to the latest version of macOS. This way, you get the latest security updates as well as fixes for your device. In addition, do not buy Thunderbolt accessories on eBay; always buy from authorized resellers.

Triton v1.3 and Der Starke v1.4

Another powerful piece of malware revealed in the latest WikiLeaks data dump is Triton. When it is installed on your device, the hacker can retrieve files and folders saved on your computer. They can install it from any location and access your files and folders.


On the other hand, Der Starke v1.4 is a far more alarming exploit. It is a diskless hack that you cannot trace on your computer. Similar to Triton, it can also access your files and folders. When it uploads data, it conceals itself in the guise of a browser process, so it appears as if you are just uploading a photo. To prevent this, TechCrunch recommends installing software like Little Snitch, Little Flocker, and BlockBlock. At present, it is still unclear whether Triton v1.3 and Der Starke v1.4 still work today.