Sci-fi fans who have watched Doctor Who will be familiar with the term “Sonic Screwdriver”. It turns out this device has a real-life application as well, albeit it is not necessarily a positive one. It turns out his tool is used by the CIA, which issued to infect Apple Mac firmware devices to steal information. WikiLeaks has uncovered this Sonic Screwdriver is stored on a modified Thunderbolt-to-Ethernet Adapter
The Sonic Screwdriver Is A Real Thing
Although this new relation by Wikileaks may disappoint a few Doctor Who fans, it is evident the CIA has gone to great lengths to develop their spyware. By targeting Mac users in particular, the government agency has caused quite a stir. Although Apple users are not more – or less – prone to commit online nefarious activities, the user base is of keen interest to the CIA for some unknown reason.
The new documentation package revealed by WikiLeaks contains a lot of interesting information regarding the CIA’s Sonic Screwdriver. As it turns out, this tool is designed to execute code on peripheral devices while a Mac system is booting. Additionally, the Sonic Screwdriver gives assailants an option to boot their attack software from a pluggable device, such as a USB stick.
While this is not groundbreaking by any means, the Sonic Screwdriver can be operated even when a firmware password is enabled. It is this part that has quite a few people concerned right now. This goes to show any precautions taken by Apple or even the computer user will not be sufficient to prevent this attack from materializing. Unfortunately, that is not even the worst part.
The WikiLeaks documentation also reveals how the Sonic Screwdriver is stored on the modified firmware of an Apple Thunderbolt-to-Ethernet adapter. It is impossible to predict how many users may have been affected by this spyware to date, although it is speculated the CIA may have used these attacks against organizations and smaller companies. This attack does require physical access to the device, which should keep most consumers safe from harm.
That being said, once the adapter plugs into any Mac device, the implanted code will scan all storage drivers for a volume with the “FILER” name. Assuming the spyware finds its target, it will then execute the Sonic Screwdriver code and allow the CIA to remotely control the computer. It is evident this will be used to not only snoop around on the computer itself, but also to record communications and who knows what else.
It is equally possible for the CIA to intercept machines between the factory and the customer or store, though. The potential ramifications of this type of behavior are impossible to oversee. It is evident the CIA has been using the Sonic Screwdriver for quite some time now, and no Mac user should feel safe at this point. The CIA has been using all kinds of tools to spy on consumers and companies, that much is certain.
If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.