Update: Edward Snowden has tweeted that the code names are real and would only be known by a cleared insider. The BBC has reported that some of the iOS malware allows ‘the agency to see a target’s location, activate their device’s camera and microphone, and read text communications.’
Wikileaks claims that the U.S. Central Intelligence Agency has a specialized unit within its Center for Cyber Intelligence that is devoted to developing and obtaining zero-day exploits for iOS devices. A zero-day exploit is one unknown to Apple or security researchers, so cannot specifically be protected against.
Despite iPhone’s minority share (14.5%) of the global smart phone market in 2016, a specialized unit in the CIA’s Mobile Development Branch produces malware to infest, control and exfiltrate data from iPhones and other Apple products running iOS, such as iPads. CIA’s arsenal includes numerous local and remote “zero days” developed by CIA or obtained from GCHQ, NSA, FBI or purchased from cyber arms contractors such as Baitshop. The disproportionate focus on iOS may be explained by the popularity of the iPhone among social, political, diplomatic and business elites.
Wikileaks further claims that the CIA recently ‘lost control’ of the majority of the malware used to attack iPhones and iPads …
Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized “zero day” exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.
The site has today released a total of 8,761 documents which it says backs its claims, and that these are merely the first part of what will be a series of leaks.
In addition to the unit focused on iOS exploits, the CIA is also reported to have teams working on attacking Android, Windows and Samsung TVs, ‘which are turned into covert microphones.’
Wikileaks says that the hacking unit is operating at such a scale that it is effectively a second NSA.
By the end of 2016, the CIA’s hacking division, which formally falls under the agency’s Center for Cyber Intelligence (CCI), had over 5000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other “weaponized” malware. Such is the scale of the CIA’s undertaking that by 2016, its hackers had utilized more code than that used to run Facebook. The CIA had created, in effect, its “own NSA” with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified.
The site says that it has redacted from the documents identifying information for ‘tens of thousands of CIA targets and attack machines throughout Latin America, Europe and the United States.’
The documents have been posted on Wikileaks. We’ve reached out to Apple for comment and will update accordingly.