#Vault7: Intel Security releases new detection tools following WikiLeaks’ CIA revelations
The malware, or ‘rootkit’, is designed to allow access to parts of a computer where it typically wouldn’t be allowed and can hide the existence of other activities.
According to the leaked data, the CIA created Extensible Firmware Interface (EFI) rootkits to hack into Apple Macbooks. The malicious software can allegedly embed itself in a computer’s low-level firmware and runs as the system is booting up. It is also coded to survive system updates, reinstallations, and can restore malware that gets removed.
In response to the WikiLeaks release, Intel Security’s Advanced Threat Research team has created a new module for its existing CHIPSEC open-source framework that can detect the rogue EFI. The module can run on Windows, Linux, and macOS.
Speaking to RT this week, John McAfee, the creator of McAfee, which is now Intel Security, said that the CIA is failing in its mandate to protect the American people, likening its practices to withholding penicillin from someone who is sick.
McAfee argued that the world needs a new paradigm on how to deal with cyberweapons, as he claims they are potentially “many times more devastating” than nuclear weapons.
On Tuesday, WikiLeaks published a massive batch of leaked classified documents that detail the CIA’s arsenal of cyberweapons. The anti-secrecy site said the documents detail “the entire hacking capacity of the CIA.” It is believed that they received the files from a private contractor who was working for the intelligence agency.
Among the many revelations in the cache of files is that the agency has reportedly created tools that allow it to hack into the world’s most popular smartphones and make them send location information, as well as text and audio data.
The CIA is also allegedly able to turn Samsung TVs into covert listening devices and can disguise its hacks to make them appear as if they are coming from other countries such as Russia, Iran, and China.