WikiLeaks yesterdaypublisheda new batch of internal CIA documents which highlighted some of the hacks and programs that the spy organization has been developing internally for years. Those tools were specifically designed to infest Apple’s all-in-one iMac desktop and MacBook notebooks if an agent was able to gain physical access to the device.
One of the methods involved utilized patched Thunderbolt EFI exploit. AppletoldTechCrunch that the documents detail old exploits fixed years ago.
Here’s Apple’s statement:
We have preliminarily assessed the Wikileaks disclosures from this morning. Based on our initial analysis, the alleged iPhone vulnerability affected iPhone 3G only and was fixed in 2009 when iPhone 3GS was released. Additionally, our preliminary assessment shows the alleged Mac vulnerabilities were previously fixed in all Macs launched after 2013.
We have not negotiated with Wikileaks for any information. We have given them instructions to submit any information they wish through our normal process under our standard terms. Thus far, we have not received any information from them that isn’t in the public domain. We are tireless defenders of our users’ security and privacy, but we do not condone theft or coordinate with those that threaten to harm our users.
To protect your gadgets from remote intrusion, be sure your devices are running the latest version of the operating system. Apple is quick to patch known and unknown vulnerabilities in its software so that’s the least you can do in order to stay safe.
On your iOS devices,use a six-digit passcode(even better, use an alphanumeric password) that’s harder to crack.
Enable Two-Factor Authenticationas an additional layer of security for your Apple ID and iCloud accounts. In macOS, enable Apple’s FileVault disk encryption andset up a firmware passwordwhich prevents those with physical access to the computer toboot your Mac in Recovery Modein order to reset your macOS password.
Last week, WikiLeaks documented the CIA’s“Year Zero”tools that the spy organization has been allegedly using to breach iPhones, iPads, Windows, smart TVs and other devices. Soon after, Applesaidthat many of the exploits revealed in that leak have already been patched in the latest version of iOS.
