Earlier in March, WikiLeaks began "Vault 7," a project focused on sharing exploits created and used by the United States Central Intelligence Agency, beginning with leaking 8,761 documents discovered within an isolated network in Langley, Virginia. Following the release of iOS-related documents, as well as some Mac exploits, Vault 7's publications didn't specifically include Apple products for much of the year.

Now, the leakers have shared two new exploits that are said to have been created under the codenamed "Imperial" project by the CIA. The first is called "Achilles," and WikiLeaks said it allows an operator to trojan a disk image installer on a Mac computer, giving the operator "one or more desired...executables" for a one-time execution. This means that a .dmg file could be downloaded by a user, containing malicious content, and dragged into their application directory without knowing.

MacBook Pro snow leopard
In the Achilles user guide, it's explained that the trojaned .dmg file would behave similarly to the original file, and that all of the operator's intended executables would run the first time the app is launched. Afterwards, all traces of Achilles would be "removed securely" from the .app file and that file would "exactly resemble" the original, un-trojaned application. Achilles was only tested on OS X 10.6, which is Apple's Snow Leopard operating system that launched in 2009.

Achilles is a capability that provides an operator the ability to trojan an OS X disk image (.dmg) installer with one or more desired operator specified executables for a one-time execution.

The second exploit is called "SeaPea," and is described as a Rootkit for OS X that provides an operator with "stealth and tool launching capabilities." SeaPea hides files and directories, socket connections, and processes from the user, allowing the operator to access a Mac computer without their presence being known.

SeaPea was tested on Macs running both OS X 10.6 and OS X 10.7 (Lion), and requires root access to be installed on the Mac in question. The vulnerability would remain on the computer until the hard drive was reformatted or the user upgraded to the next major OS version.

SeaPea is an OS X Rootkit that provides stealth and tool launching capabilities. It hides files/directories, socket connections and/or processes. It runs on Mac OSX 10.6 and 10.7.

Among the Imperial documents is an automated implant for Windows devices called Aeris, which rounds out all of the leaked CIA files published by WikiLeaks today. Another Vault 7 release earlier this summer focused on the use of modified versions of router firmware to turn networking devices into surveillance tools, called "Cherry Blossom."

Due to the older Mac software used for testing Achilles and SeaPea, it's likely that such exploits have already been addressed by Apple in the numerous updates that have been released since Snow Leopard in 2009 and Lion in 2011. The previous vulnerabilities leaked by WikiLeaks in March were quickly addressed by Apple, which said that it had fixed the "alleged" vulnerabilities in iPhone 3G devices (called "NightSkies") back in 2009, and the Sonic Screwdriver Mac exploit in all Macs released after 2013.

Top Rated Comments

lunarworks Avatar
54 months ago
Guess all those Snow Leopard fanatics are going to have to finally upgrade... ;)
Score: 11 Votes (Like | Disagree)
826317 Avatar
54 months ago
I don't understand how Americans let alone the rest of the world are not up in arms about these state funded programs..
Score: 9 Votes (Like | Disagree)
simonmet Avatar
54 months ago
Funny that this article doesn’t have the “Due to the political nature...” “warning” and restrictions but far less political and controversial ones often do.

I don’t believe all this secrecy is ultimately benefial or worth the risks to privacy and misuse.

The code name “Imperial” says it all. Our governments think they’re imperial masters/overloads and we are subjugated like pawns to them.
Score: 5 Votes (Like | Disagree)
2b1ask1 Avatar
54 months ago
I don't understand how Americans let alone the rest of the world are not up in arms about these state funded programs..
Agreed.

Because the same state funded programs pay "influencers' all over the internet to scream "conspiracy theory" when this stuff gets released.

Simple.
Score: 3 Votes (Like | Disagree)
Westside guy Avatar
54 months ago
In the Achilles user guide, ...
It's a bad state of affairs when a piece of government spyware is more user-friendly than the majority of applications out there.
Score: 3 Votes (Like | Disagree)
OLDCODGER Avatar
54 months ago
Guess all those Snow Leopard fanatics are going to have to finally upgrade... ;)
Lol, not a chance!
Score: 3 Votes (Like | Disagree)

Top Stories

calculatorapp

iOS 11 Bug: Typing 1+2+3 Quickly in the Calculator App Won't Get You 6

Tuesday October 24, 2017 2:03 pm PDT by
A bug in the built-in Calculator app in iOS 11 is getting some major attention this week, despite the fact that it's been around since iOS 11 was in beta testing. At issue is a calculator animation that causes some symbols to be ignored when calculations are entered in rapid succession. You can try it for yourself: Type 1+2+3 and then the equals sign into the Calculator app quickly. Due to...
gradiente iphone white

Brazilian Electronics Company Revives Long-Running iPhone Trademark Dispute

Tuesday May 19, 2020 1:06 pm PDT by
Apple has been involved in a long-running iPhone trademark dispute in Brazil, which was revived today by IGB Electronica, a Brazilian consumer electronics company that originally registered the "iPhone" name in 2000. IGB Electronica fought a multi-year battle with Apple in an attempt to get exclusive rights to the "iPhone" trademark, but ultimately lost, and now the case has been brought to...
original iphone

Phil Schiller Says iPhone Was 'Earth-Shattering' Ten Years Ago and Remains 'Unmatched' Today

Monday January 9, 2017 7:15 am PST by
To commemorate the tenth anniversary of the iPhone, Apple marketing chief Phil Schiller sat down with tech journalist Steven Levy for a wide-ranging interview about the smartphone's past, present, and future. The report first reflects upon the iPhone's lack of support for third-party apps in its first year. The argument inside Apple was split between whether the iPhone should be a closed...
iphone 12 colors 2021

iPhone 12 Colors: Deciding on The Right Color

Thursday November 5, 2020 8:35 am PST by
The iPhone 12 and iPhone 12 Pro arrived last October in a range of color options, with entirely new hues available on both devices, as well as some popular classics. The 12 and 12 Pro have different color choices, so if you have your heart set on a particular shade, you might not be able to get your preferred model in that color. iPhone 12 mini and iPhone 12 The iPhone 12 mini and iPhone 12...
iPhone 13 Dummy Thumbnail 2

Full iPhone 13 Feature Breakdown: Everything Rumors Say We Can Expect

Tuesday August 31, 2021 7:50 am PDT by
With the launch of Apple's iPhone 13 lineup believed to be just a few weeks away, we have compiled all of the coherent rumors from our coverage over the past year to build a full picture of the features and upgrades coming to the company's new smartphones. For clarity, only explicit improvements, upgrades, and new features compared to the iPhone 12 lineup are listed. It is worth noting that...
omg lightning cable comparison

Security Researcher Develops Lightning Cable With Hidden Chip to Steal Passwords

Thursday September 2, 2021 6:59 am PDT by
A normal-looking Lightning cable that can used to steal data like passwords and send it to a hacker has been developed, Vice reports. The "OMG Cable" compared to Apple's Lightning to USB cable. The "OMG Cable" works exactly like a normal Lightning to USB cable and can log keystrokes from connected Mac keyboards, iPads, and iPhones, and then send this data to a bad actor who could be over a...
macbook air deals

Deals: Amazon Drops Price of 256GB M1 MacBook Air to New Low of $849.99 ($149 Off)

Friday August 27, 2021 6:16 am PDT by
Amazon today introduced new low prices on the M1 MacBook Air for both 256GB and 512GB storage options. To start, you can get the 256GB model for $849.99, down from an original price of $999.00. Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running. Only Silver and Gold are...
maxresdefault

New MacBook Pro Models Coming at WWDC, Suggests Leaker

Monday May 24, 2021 1:27 pm PDT by
New MacBook Pro models are coming at WWDC, according to leaker Jon Prosser who has a mixed track record when it comes to predicting Apple's plans. Subscribe to the MacRumors YouTube channel for more videos. Prosser provided no additional information, but there are new 14 and 16-inch MacBook Pro models in the works. The new MacBook Pros will feature the most radical redesign to the MacBook Pro ...
M1X MBP Feature

Leaker: Upcoming MacBook Pro to See Price Hike Over Current Model, Equal Performance Across 14 and 16-Inch Sizes

Tuesday August 24, 2021 5:28 am PDT by
The upcoming 14-inch MacBook Pro is set to be more expensive than the current 13-inch MacBook Pro and both the 14 and 16-inch models will offer the same performance, according to the leaker known as "Dylandkt." The leaker shared the information on Twitter, explaining that both of the upcoming MacBook Pro models, expected to come in 14 and 16-inch sizes, will feature the same performance due...
iPhone 13 Dummy Thumbnail 2

Kuo: iPhone 13 to Feature LEO Satellite Communications to Make Calls and Texts Without Cellular Coverage

Sunday August 29, 2021 7:39 am PDT by
The iPhone 13 will feature low earth orbit (LEO) satellite communication connectivity to allow users to make calls and send messages in areas without 4G or 5G coverage, according to the reliable analyst Ming-Chi Kuo. In a note to investors, seen by MacRumors, Kuo explained that the iPhone 13 lineup will feature hardware that is able to connect to LEO satellites. If enabled with the relevant...