A new WikiLeaks Vault 7 leak titled “Dark Matter” claims, with unreleased documents, that the Central Intelligence Agency has been bugging “factory fresh” iPhones since at least 2008. IT security experts from FireMon, prpl Foundation and Comparitech.com commented below.
Paul Calatayud, CTO at FireMon:
“The tools are very noteworthy yet to be expected if you understand the space. We have seen issues with suppliers and manufacturers in the computer world installing or not being aware of rootkits and low-level firmware keyloggers being installed, examples being Lenovo. Even this week I read reports that Microsoft Windows 10, if enabled within settings, sends full key log data back for analysis.
“The question moves away from technology capability towards intent and success. This is where I would disagree with others. I suspect this program was able to weaponise malware at low levels of Apple phones. I disagree that the program had large-scale reach or that they were able to distribute it with Apple support or with any success. In other words, just because the malware was designed does not mean it is present in all phones. Looking at the fight between the FBI and Apple over backdoors and encryption further leads me to believe these capabilities and the malware are not readily deployed in the wild. I suspect there was far greater success of surveillance programs within the wireless networks vs. what’s on the device. Just think, what data that lives on your phone is not somehow being transmitted over wireless protocols and internet services; text messages, phone calls, email messages, etc.”
Cesare Garlati, Chief Security Strategist at prpl Foundation:
Lee Munson, Security Researcher at Comparitech.com:
“While the tools allegedly at the spy agency’s disposal are impressive, insomuch as they are claimed to be both persistent and able to disregard password-enabled signups, they would appear to rely upon one very important component – physical installation.
“Unless we are to believe that Apple is in some way complicit with this arrangement – which I doubt totally, given Tim Cook’s stance on privacy – then the CIA would only be able to infect devices that have been intercepted through the postal system.
“Should this be the case, it may possibly be cause for concern, given we don’t know who may have been targeted, but it does show that this technique is probably not specifically related to Apple because physical access is a huge security risk to any device.”