WikiLeaks has cast doubts on Apple's recent statement of having already fixed vulnerabilities linked to alleged CIA hacking tools targeting Apple products.
The whistleblowing platform recently released new documents as part of its latest Vault 7 release, which allegedly details how the CIA developed customised hacking tools to compromise iPhones and Macs. Apple responded to WikiLeaks' disclosures, clarifying that the vulnerabilities detailed in WikiLeaks' latest Vault 7 release, titled "DarkMatter", have already been fixed.
Apple's response to WikiLeaks' DarkMatter release read, "We have preliminarily assessed the WikiLeaks disclosures from this morning. Based on our initial analysis, the alleged iPhone vulnerability affected iPhone 3G only and was fixed in 2009 when iPhone 3GS was released. Additionally, our preliminary assessment shows the alleged Mac vulnerabilities were previously fixed in all Macs launched after 2013."
However, WikiLeaks disputes Apple's claim. Following Apple's statement regarding DarkMatter exploits, the transparency platform posted on Twitter, "Apple's claim that it has "fixed" all 'vulnerabilities' described in DARKMATTER is duplicitous. EFI is a systemic problem, not a zero-day.
In another tweet, WikiLeaks wrote, "Darkmatter+Triton can be remotely installed CIA has 2016 version: DerStarke2.0 EFI is not fixable 'vulnerability'."
WikiLeaks claimed as part of its "DarkMatter" release that it possesses other Vault 7 documents, which indicate that "as of 2016 the CIA continues to rely on and update these systems and is working on the production of DerStarke2.0.
DerStarke is CIA's alleged virtually undetectable firmware, that acts as a loader for the Triton malware, which the spy agency allegedly used to hack into Macbooks.
WikiLeaks' tweets seemingly stress that Apple products may still be vulnerable to being compromised, despite the tech giant's confidence in having addressed the security issues.
Meanwhile, WikiLeaks' attempts at garnering a relationship with tech giants such as Apple, Google and others appears to have hit a snag. The whistleblowing platform claimed that it has reached out to Silicon Valley giants about providing access to its Vault 7 exploits. However, WikiLeaks included a list of demands to be met, without which it refused to provide access to firms.
Apple has said that it will not negotiate with WikiLeaks for any information and that so far, the transparency platform has not provided it with any data that was not already publicly available.
You may be interested in:
- Is eBay putting users' security at risk by 'downgrading' to text-based authentication?
- How to protect your iCloud account from being hacked: Five best ways to keep secure
- Double Agent: Critical zero-day security flaw turns all antivirus software against you
- WikiLeaks: Apple's fix for CIA DarkMatter hacks is 'duplicitous'