Leaks show CIA looking into Malware that can install "Over-The-Air"

While the original WikiLeaks release goes all the way back to March of 2017, recent investigation by the outpost observer team shows that the CIA had the ability to wirelessly backdoor iOS devices, and was working on implementing such technology into its "DerStarke" project.

Documents show that the "DerStarke" program began as a project examining the firmware that allows computers to boot. Through a clever trick using NVRAM (non-volatile memory that lets the boot process remember things between startups), the CIA was able to install malware onto devices in an almost permanent manner. A phone infected with such a "bootkit" would remain under agency control even if the user decided to completely wipe the device.

To make matters even scarier, the CIA discovered ways to sync this malware over the air to iOS phones. At the time of the leak, the agency was working on a technique that would allow them to "implant [DerStarke onto] a user's iPhone that is connected to the computer (either physically via USB or wirelessly via over-the-air syncing that was introduced in iOS 5)." They were also able to fake updates to the firmware, making it seem as if the user had a newer (and more secure) version.

While its over-the-air syncing was not fully developed at the time, the agency had finished developing a version that could be installed by booting from a USB drive. They had even developed a technique to "get around an EFI password that prevents booting from USB drive."

Malware targeting PCs and more traditional computers is common. However, the agency's ability to target phones at the hardware level through remote means is shocking. Conventional botnets that target cellular devices are still mostly stuck at the upper levels of the operating system. Should the CIA continue these programs, they run the risk of accidentally giving advanced techniques to common criminals.

Posted on: 2018-01-03 17:35:08