Intel, Others Respond To Vault 7 CIA WikiLeaks With New Security Tools

by Shanthi Rexaline, Benzinga Editor
March 19, 2017 10:19 PM | 3 min read | Make a Comment
It's been a little over a week since WikiLeaks made its latest round of revelations; this time around, the bombshell was cyberhacking by the CIA. Even before the dust around the disclosures settle down, U.S. companies responded to the data breach, demonstrating their nimbleness and dynamism.

The Case In Brief

Last week, WikiLeaks released the first part of a series of leaks code named "Vault 7," with the first part termed as "Year Zero." The publisher indicated in the leaks that the CIA had used sophisticated software tools to break into smartphones, computers and TVs. The companies whose products were compromised included Apple Inc. AAPL, Microsoft Corporation MSFT, Alphabet Inc GOOG GOOGL and SAMSUNG ELECTRONIC KRW5000 SSNLF.

Intel Springs Into Action

Intel Corporation INTC's security unit McAfee announced the release a detection tool for EFI rootkits following the WikiLeaks revelation.

A rootkit is a software designed to conceal any compromise on an operating system. It works by empowering the viruses and malware to pose as necessary files, thereby avoiding detection by antivirus software.

EFI, or extensible firmware Interface, is a new firmware standard for operating system that supports fast PC startup, bootable GPT hard drive and large capacity more than 2T. It runs before the operating system and initializes the various hardware components during the boot process.

Therefore, a malicious program hidden inside the EFI can inject malicious code into the OS kernel, helping to restore any malware removed from the computer, a report in PC World explains.

The WikiLeaks disclosure mentioned an OS X implant called DerStarke, which consists of a kernel code injection module called Bokor and an EFI persistence module called DarkMatter. The CIA Embedded Development Branch document leaked by WikiLeaks also refers to another implant called QuarkMatter.

Others Scramble To Cover Up

A SBS report, quoting Czech anti-virus software maker Avast VP Sinan Eren, said the company had sought from Apple and Google privileged access to their devices to offer fixes for known bugs.

"If we can drive a paradigm shift where mobile platforms don't shut off access, we'll be better able to detect when hackers are hiding in a mobile (phone)," Eren was quoted as saying.

Meanwhile, Apple quickly moved in to quell worries by stating that many of the issues were already patched in the latest iOS. The company also urged its customers to download the latest iOS to ascertain that they have the most recent security update.

A Reuters report said Microsoft suggested that it is looking into the issue, although it said Google declined to comment.

Related Links:

<href="https://www.benzinga.com/news/17/03/9144585/every-company-exposed-to-the-cia-cyberhacking-scandal-so-far"> Every Company Exposed To The CIA Cyberhacking Scandal, So Far Here's All Of Wikileaks' Bombshells Since It Was Founded 10 Years Ago

Market News and Data brought to you by Benzinga APIs

Ā© 2024 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.

Posted In: NewsPoliticsTopicsEventsTechMediaTrading IdeasGeneralAvastBokerCIACIA Embedded DevelopmentDarkMatterDerStarkeEFIQuarkMatterReutersSBSSinan ErenVault 7WikiLeaksYear Zero
Benzinga simplifies the market for smarter investing

Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.

Join Now: Free!