A secret document buried in WikiLeaks’ “Vault 7” data dump serves as a sort of Rosetta Stone for the CIA’s extensive hacking operations targeting iOS devices and other consumer electronics.
Titled “IOS Team Acronyms and Terms,” the document unlocks the agency’s spyspeak. If you’re diving into Vault 7 — the massive, searchable cache of supposed CIA documents released Tuesday by WikiLeaks — the iOS terms sheet acts as a handy guide to the dizzying array of acronyms and abbreviations you’ll encounter.
In total, Wikileaks’ Vault 7 consists of 8,761 documents allegedly spirited away from the CIA by a source who “wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.”
That source could be the CIA’s Edward Snowden: WikiLeaks describes the data dump as “the largest intelligence publication in history.”
A key to deciphering WikiLeaks Vault 7
The documents offer a startling look into the spy agency’s activities, many of which targeted iPhone users. Even more worryingly, WikiLeaks says the CIA lost control of its hacking tools. As a result, the malware might be used by foreign governments, cybercriminals or other bad actors to target individuals’ devices, from iPhones and Android phones to Samsung smart TVs.
As you read the Vault 7 documents, you’ll encounter terms like “Mcnugget” (Mission Control for iOS), “ElderPiggy” (a privilege escalation), “NightSkies” (a beacon/implant tool) and “IPSW” (shorthand for iPhone/iPad firmware).
CIA hacking terms explained
Some terms are colorful CIA shorthand, while others are simply jargon used by software developers and hackers. The document that defines the terms is classifed as “SECRET//NOFORN,” which means it’s not to be shared with “foreign nationals,” aka anybody who is not a U.S. citizen.
Knowing the various arcane terms makes it easier to decode the sprawling trove of CIA documents, such as the “MCNUGGET v4.0 User Guide” (.pdf). That 12-page technical document offers step-by-step instructions for building and deploying a payload to target an iOS device.
“MCNUGGET payloads are typically NIGHTSKIES installs (but not necessarily required),” the MCNUGGET user guide says. “Given a Nightskies .zip file, you can generate a MCNUGGET payload for that specific Nightskies zip file. You use the solcreate script to generate the payload.”
(Maybe you can see why the CIA needed its very own secret cheat sheet for deciphering its cyberwarriors’ jargon.)
Lewis Wallace is the managing editor of Cult of Mac and author of our weekly newsletter, The Weekender.
He’s a San Francisco-based writer and editor specializing in technology and culture. He loves his iPhone, hates Siri, and appreciates any hardware that combines form and function.
Prior to Cult of Mac, he juggled words and ideas as culture editor at Wired.com, homepage editor at TechTV, news product manager at NBCi, copy editor at PC World, reporter at The (Hayward) Daily Review and editor in chief of EveryBody’s News in Cincinnati.
He earned a bachelor of general studies degree with a journalism certificate from the University of Cincinnati. While in school, he worked as the entertainment editor of The News Record and as editor in chief of Clifton Magazine.
He’s also a bass player, who’s recorded and performed around the United States with Those Darn Accordions, The Electric Boogie Dawgz and The Mad Maggies. When not writing, editing or laying down bass lines, he plays darts and serves on the board of the San Francisco Darts League.
One response to “This WikiLeaks document is a cheat sheet for decoding the CIA’s hack attacks”
This document released by Wikileaks in the field of hacking of data with the help of Apps from Mobile like Samsung, Iphone is fully ridiculous and it shows how these mobile vendors companies are not too much concern about the privacy of their customers. Otherwise How wikileaks has publicly published this news. I believe every mobile user has their own right of freedom so it should be followed by mobile companies properly. @ Xmod