The Case In Brief
Last week, WikiLeaks released the first part of a series of leaks code-named "Vault 7," with the first part termed "Year Zero." The publisher indicated in the leaks that the CIA had used sophisticated software tools to break into smartphones, computers and TVs. The companies whose products were compromised included Apple Inc. (AAPL), Microsoft Corporation (MSFT), Alphabet Inc (GOOG, GOOGL) and Samsung Electronics (SSNLF).
Intel Springs Into Action
McAfee, the security unit of Intel Corporation (INTC), announced the release of a detection tool for EFI rootkits following the WikiLeaks revelation.
ICYMI we released a detection tool for EFI rootkits after last week's #WikiLeaks dump. Details here: https://t.co/44GodO19uJ via @pcworld
— McAfee (@McAfee) March 15, 2017
A rootkit is software designed to conceal a compromise of an operating system. It works by allowing viruses and malware to pose as necessary files, thereby avoiding detection by antivirus software.
EFI, or Extensible Firmware Interface, is a new firmware standard that supports fast PC startup, bootable GPT hard drives and disk capacities of more than 2 TB. It runs before the operating system and initializes the various hardware components during the boot process.
Therefore, a malicious program hidden inside the EFI can inject malicious code into the OS kernel, helping to restore any malware removed from the computer, a report in PC World explains.
The WikiLeaks disclosure mentioned an OS X implant called DerStarke, which consists of a kernel code injection module called Bokor and an EFI persistence module called DarkMatter. The CIA Embedded Development Branch document leaked by WikiLeaks also refers to another implant called QuarkMatter.
Others Scramble To Cover Up
An SBS report, quoting Sinan Eren, a vice president at Czech anti-virus software maker Avast, said the company had sought privileged access to Apple and Google devices in order to offer fixes for known bugs.
"If we can drive a paradigm shift where mobile platforms don't shut off access, we'll be better able to detect when hackers are hiding in a mobile (phone)," Eren was quoted as saying.
Meanwhile, Apple quickly moved to quell worries by stating that many of the issues were already patched in the latest iOS. The company also urged its customers to download the latest iOS to ensure that they have the most recent security update.
Here's Apple's statement on iOS-related stuff in the WikiLeaks CIA data dump. pic.twitter.com/QiAWx8ZXpT
— John Paczkowski (@JohnPaczkowski) March 8, 2017
A Reuters report said Microsoft suggested that it is looking into the issue, although it said Google declined to comment.
© 2024 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.