Earlier in March, WikiLeaks began "Vault 7," a project focused on sharing exploits created and used by the United States Central Intelligence Agency, beginning with leaking 8,761 documents discovered within an isolated network in Langley, Virginia. Following the release of iOS-related documents, as well as some Mac exploits, Vault 7's publications didn't specifically include Apple products for much of the year.

Now, the leakers have shared two new exploits that are said to have been created under the codenamed "Imperial" project by the CIA. The first is called "Achilles," and WikiLeaks said it allows an operator to trojan a disk image installer on a Mac computer, giving the operator "one or more desired...executables" for a one-time execution. This means that a .dmg file could be downloaded by a user, containing malicious content, and dragged into their application directory without knowing.

MacBook Pro snow leopard
In the Achilles user guide, it's explained that the trojaned .dmg file would behave similarly to the original file, and that all of the operator's intended executables would run the first time the app is launched. Afterwards, all traces of Achilles would be "removed securely" from the .app file and that file would "exactly resemble" the original, un-trojaned application. Achilles was only tested on OS X 10.6, which is Apple's Snow Leopard operating system that launched in 2009.

Achilles is a capability that provides an operator the ability to trojan an OS X disk image (.dmg) installer with one or more desired operator specified executables for a one-time execution.

The second exploit is called "SeaPea," and is described as a Rootkit for OS X that provides an operator with "stealth and tool launching capabilities." SeaPea hides files and directories, socket connections, and processes from the user, allowing the operator to access a Mac computer without their presence being known.

SeaPea was tested on Macs running both OS X 10.6 and OS X 10.7 (Lion), and requires root access to be installed on the Mac in question. The vulnerability would remain on the computer until the hard drive was reformatted or the user upgraded to the next major OS version.

SeaPea is an OS X Rootkit that provides stealth and tool launching capabilities. It hides files/directories, socket connections and/or processes. It runs on Mac OSX 10.6 and 10.7.

Among the Imperial documents is an automated implant for Windows devices called Aeris, which rounds out all of the leaked CIA files published by WikiLeaks today. Another Vault 7 release earlier this summer focused on the use of modified versions of router firmware to turn networking devices into surveillance tools, called "Cherry Blossom."

Due to the older Mac software used for testing Achilles and SeaPea, it's likely that such exploits have already been addressed by Apple in the numerous updates that have been released since Snow Leopard in 2009 and Lion in 2011. The previous vulnerabilities leaked by WikiLeaks in March were quickly addressed by Apple, which said that it had fixed the "alleged" vulnerabilities in iPhone 3G devices (called "NightSkies") back in 2009, and the Sonic Screwdriver Mac exploit in all Macs released after 2013.

Top Rated Comments

lunarworks Avatar
102 months ago
Guess all those Snow Leopard fanatics are going to have to finally upgrade... ;)
Score: 11 Votes (Like | Disagree)
826317 Avatar
102 months ago
I don't understand how Americans let alone the rest of the world are not up in arms about these state funded programs..
Score: 9 Votes (Like | Disagree)
simonmet Avatar
102 months ago
Funny that this article doesn’t have the “Due to the political nature...” “warning” and restrictions but far less political and controversial ones often do.

I don’t believe all this secrecy is ultimately benefial or worth the risks to privacy and misuse.

The code name “Imperial” says it all. Our governments think they’re imperial masters/overloads and we are subjugated like pawns to them.
Score: 5 Votes (Like | Disagree)
2b1ask1 Avatar
102 months ago
I don't understand how Americans let alone the rest of the world are not up in arms about these state funded programs..
Agreed.

Because the same state funded programs pay "influencers' all over the internet to scream "conspiracy theory" when this stuff gets released.

Simple.
Score: 3 Votes (Like | Disagree)
Westside guy Avatar
102 months ago
In the Achilles user guide, ...
It's a bad state of affairs when a piece of government spyware is more user-friendly than the majority of applications out there.
Score: 3 Votes (Like | Disagree)
OLDCODGER Avatar
102 months ago
Guess all those Snow Leopard fanatics are going to have to finally upgrade... ;)
Lol, not a chance!
Score: 3 Votes (Like | Disagree)

Popular Stories

Apple CarPlay Ultra instrument cluster themes 01

Apple's CarPlay Ultra Is Here – Does Your iPhone Support It?

Thursday May 15, 2025 5:17 am PDT by
Apple's recently announced CarPlay Ultra promises a deeply integrated in-car experience, but not all iPhone users will be able to take advantage of the new feature. According to Apple's press release, CarPlay Ultra requires an iPhone 12 or later running iOS 18.5 or later. This means if you're using an iPhone 11, iPhone XR, or any older model, you'll need to upgrade your device to access...
iPhone 17 Air Pastel Feature

iPhone 17 Air Battery Capacity and Weight Allegedly Revealed

Monday May 19, 2025 2:22 am PDT by
Apple is expected to launch an all-new ultra-thin iPhone 17 Air later this year, and while there have been plenty of rumors about the camera's overall design and thinness, we haven't heard any details about the device's weight and battery capacity until now. According to the leaker going by the account name "yeux1122" on the Korean-langauge Naver blog, the 6.6-inch iPhone 17 Air has a weight ...
Apple CarPlay Ultra instrument cluster themes 01

Apple's 'CarPlay Ultra' Experience Now Available

Thursday May 15, 2025 5:07 am PDT by
Apple today announced that its next-generation CarPlay experience, now dubbed "CarPlay Ultra" begins rolling out today, starting with Aston Martin vehicles. Subscribe to the MacRumors YouTube channel for more videos. CarPlay Ultra is now available with new Aston Martin vehicle orders in the U.S. and Canada. It will also be available for existing models that feature the brand's next-generation ...
WWDC 2025 Banner

Apple Announces WWDC 2025 Schedule, Including Keynote Time

Tuesday May 20, 2025 8:13 am PDT by
Apple today announced a more detailed schedule for its annual developers conference WWDC, which runs from June 9 through June 13. The schedule confirms that Apple's keynote will begin on Monday, June 9 at 10 a.m. Pacific Time, with a live stream to be available on Apple.com, in the Apple TV app, and on YouTube. During the keynote, Apple is expected to announce iOS 19, iPadOS 19, macOS 16,...
CarPlay Ultra Climate Controls

Apple Says These Vehicle Brands Plan to Offer All-New CarPlay Ultra

Thursday May 15, 2025 8:13 am PDT by
Apple today announced the launch of CarPlay Ultra, the long-awaited next-generation version of its CarPlay software system for vehicles. CarPlay Ultra features deep integration with a vehicle's instrument cluster and systems, built-in Radio and Climate apps, customizable widgets, and more. The interface is tailored to each vehicle model and automaker's identity, and drivers can also adjust...
Apple Intelligence General Feature

Report: Apple's Next-Gen Version of Siri Is 'On Par' With ChatGPT

Monday May 19, 2025 9:00 am PDT by
Apple has big plans to improve Siri over the next few years, Bloomberg's Mark Gurman and Drake Bennett report. Some Apple executives are now reportedly pushing to turn Siri into a true ChatGPT competitor. A next-generation, chatbot version of Siri has reportedly made significant progress during testing over the past six months; some executives allegedly now see it as "on par" with recent...
macOS 16 visionOS Inspired Feature 1

macOS 16: Everything We Know So Far

Tuesday May 20, 2025 7:31 am PDT by
The Worldwide Developers Conference (WWDC), Apple's annual developer and software-oriented event, is less than three weeks away. We haven't heard a great deal about macOS 16 ahead of its announcement this year, so we could be in for some major surprises when June 9 rolls around. Here's what we know so far about the next major update to Apple's Mac operating system. macOS 16 Name? Every year ...