A new document dump from Wikileaks on Thursday claims that the CIA was able to infect a Mac’s firmware using an attack called a “sonic screwdriver.”
The documents, which are dated November 2012, are unverified. However, an Apple spokesperson told Business Insider Thursday night that the Mac vulnerabilities listed in the documents have since been fixed and don’t affect Macs built after 2013.
The method described in the documents allowed access to a Mac’s firmware using an Ethernet adapter that plugged into the computer’s Thunderbolt port. Since the method targeted the Mac’s firmware, it could not be removed even if the computer’s user wiped the operating system clean, the documents claim.
The process sounds similar to the so-called Thunderstrike bug that was discovered in Macs in 2015. Apple has since released a software patch that fixed the bug. In fact, Apple hired the two hackers who took credit for creating Thunderstrike. It’s unclear if the exploit detailed in the documents published by Wikileaks is the same as Thunderstrike.
Another document in Thursday’s document dump from Wikileaks describes how the CIA was supposedly able to infect “factory fresh” iPhones. However, the document is dated January 2009, and such an exploit could have been fixed by now. The Apple spokesperson said this vulnerability only affected the iPhone 3G and was fixed by the time the iPhone 3GS was released in 2009.
The documents are the latest to come out of the “Vault 7” documents from Wikileaks. The first batch of the documents claimed that the CIA could break into Samsung smart TVs and the iPhone. While the documents appear to reveal some explosive information, many of the vulnerabilities exploited in various devices appear to have been fixed.
The Apple spokesperson also said in a statement that Apple has not negotiated with Wikileaks for any information the organization claims to have.
“We have not negotiated with Wikileaks for any information,” the spokesperson said. “We have given them instructions to submit any information they wish through our normal process under our standard terms. Thus far, we have not received any information from them that isn’t in the public domain. We are tireless defenders of our users’ security and privacy, but we do not condone theft or coordinate with those that threaten to harm our users.”