Apple reassures that vulnerabilities disclosed in “Dark Matter” leak are obsolete

by Lucia Danes - -

“Dark Matter” [1] is not the title of a science-fiction show or a chapter from an astronomy book. It is Wikileaks’ most recent publication continuing the “Vault 7” leak series which began in March and focus on the exposure of United States Central Intelligence Agency’s (CIA) involvement in surveillance and cyber warfare [2]. This particular batch of documents discloses details about CIA’s possible exploitation of Macs and iOS vulnerabilities to spy on civilians and other predetermined targets [3]. Needless to say, such news seriously alarmed the Apple fans and security experts alike. Nevertheless, it now seems that panic was untimely. A day after the classified data was released, representatives of the multi-billion technology company addressed the media and reassured that the vulnerabilities featured in the leak are years old (reaching back to 2008) and have since been fixed.

Wikileaks release Apple vulnerabilities report

The most salient of the security gaps featured in the “Dark Matter” is the OS X vulnerability code-named “Sonic Screwdriver” [4] which enabled the intelligence agencies to station certain codes via USB sticks or other peripheral devices during Mac’s boot up. Apple admits that such security issues indeed affected some of the OS X, but have been patched and are no longer detected on any devices manufactured in 2013 and later. Same goes for the iPhone 3G devices. These early versions of Apple smartphone were said to be wired with a “NightSkies 1.2” exploit which was designed to run in the background of the operating system and provide “upload, download and execution” [5] capabilities to the parties of interest. Again, according to Apple, the exploit was immobilized with the release of the new iPhone 3GS and has not reoccurred in the following versions.

With all the concerns about the government tracking our every move, we should not forget that national intelligence agencies are not the only ones interested in our private information. Hackers, extortionists, and scammers pose a persistent threat to the security of our personal data. For instance, information that lands in the hands of hackers behind Zeus banking Trojan can and most likely will be exploited to steal your credentials and identity, break into your online banking accounts and cause you serious financial problems. Thus, be sure to keep on top of your cyber security at all times.

About the author

Lucia Danes
Lucia Danes - Virus researcher

Lucia is a News Editor for 2spyware. She has a long experience working in malware and technology fields.

Contact Lucia Danes
About the company Esolutions

References


Files
Software
Compare
Like us on Facebook