Wikileaks targets CIA is a new data dump.
Wikileaks is out with 8,761 documents it claims shows that the U.S. Central Intelligence Agency (CIA) has developed and obtained zero-day exploits for iOS devices. Even more worrisome, the agency has “lost control” of the majority of this malware.
In what it promises to be the first of many data drops on the CIA, Wikileaks says that these zero-day exploits are unknown to Apple or security researchers. As such, there’s no way to currently protect an end-user from them.
A specialized unit in the CIA’s Mobile Development Branch produces malware to infest, control and exfiltrate data from iPhones and other Apple products running iOS, such as iPads. CIA’s arsenal includes numerous local and remote “zero days” developed by CIA or obtained from GCHQ, NSA, FBI or purchased from cyber arms contractors such as Baitshop. The disproportionate focus on iOS may be explained by the popularity of the iPhone among social, political, diplomatic and business elites.
Many of the CIA’s hacking arsenal, unfortunately, has been lost. These include “malware, viruses, trojans, weaponized ‘zero day’ exploits, malware remote control systems and associated documentation.”
As The New York Times rightly notes, this is all very troubling:
Among other disclosures that, if confirmed, will rock the tech world, the WikiLeaks release said that the C.I.A. and allied intelligence services had managed to bypass encryption on popular phone and messaging services such as Signal, WhatsApp and Telegram.
We’ll continue to follow this story and let you know whether Apple makes a comment on it.
In the meantime, do you believe the CIA would create malware for iOS devices? Let us know below.