This article is more than 1 year old
Kremlin claims Apple helped NSA spy on diplomats via iPhone backdoor
Did we just time warp back to 2013?
Russian intelligence has accused American snoops and Apple of working together to backdoor iPhones to spy on "thousands" of diplomats worldwide.
These allegations from the Kremlin's Federal Security Service (FSB) coincide with Kaspersky today saying it uncovered spyware on "several dozen" iPhones belonging to the Russian infosec giant's top and middle-management.
A Kaspersky spokesperson told The Register it's aware of the FSB claims, but can't say if the two things – Uncle Sam backdooring iPhones, and the spyware found on several Kaspersky devices – are linked.
"Although the attacks look similar, we are unable to verify this as we don't have technical details on what has been reported by the FSB so far," the spokesperson said.
According to the FSB, Apple told the NSA of software vulnerabilities in its iPhone range so that American spies could compromise and monitor handhelds belonging to diplomats and embassies of Russia, NATO members, ex-Soviet nations, Israel, China, and others. Either that or Apple intentionally placed vulnerabilities for the NSA to use, it is alleged.
It's said the US used spyware to perform reconnaissance on those compromised iPhones, and that Apple cooperated with not just the NSA but also other American intelligence services to help agents spy on targets.
"In the course of ensuring the security of the Russian telecommunications infrastructure, anomalies were identified that are specific only to users of Apple mobile phones and are caused by the operation of previously unknown malicious software that uses software vulnerabilities provided by the manufacturer," the FSB claimed.
"It was found that several thousand telephone sets of this brand were infected."
The NSA declined to comment. Apple declined to comment, though told non-Register media it "never worked with any government to insert a backdoor into any Apple product and never will." The iGiant still really hasn't forgiven us for this, this, and this being read out in court by Samsung to support its position in a patent-infringement battle. But we digress.
El Reg notes the Russian intelligence agency offered no proof.
This isn't the first time the NSA has been accused of exploiting security flaws for espionage purposes: half the point of the elite intel agency is breaking into devices to spy on people, so if the Kremlin's disclosure this week is true, it's no surprise at all. We'd be more surprised if the NSA wasn't doing what the FSB has said. The Ed Snowden and CIA Vault 7 affairs are not a ChatGPT hallucination.
Still, while American intelligence operatives spying on foreign subjects — or US persons, for that matter — isn't exactly shocking, we'd strongly advise taking the Kremlin's claims with a healthy dose of skepticism as truth-telling isn't Moscow's strong point.
The main point of contention is whether Apple actually helped or cooperated with the NSA as described; the iGiant said it did not.
- Another zero-click Apple spyware maker just popped up on the radar again
- US govt pushes spyware to other countries? Senator Wyden would like a word
- Pegasus-pusher NSO gets new owner keen on the commercial spyware biz
- So the FBI 'persistently' abused its snoop powers. What's to worry about?
Also on Thursday, Kaspersky released a report on a strain of spyware it spotted, and dubbed Triangulation, on iPhones belonging to company employees. The surveillance code requires no user interaction to infect a device, and once slipped into a victim's iPhone, the spyware remains "completely hidden," according to the cybersecurity biz.
"The attack is carried out using an invisible iMessage with a malicious attachment, which, using a number of vulnerabilities in the iOS operating system, is executed on the device and installs spyware," Kaspersky said of the infections.
Once planted on the phone, the malware has access to all user data and system information, and sets to work stealing private information — including microphone recordings, photos from messages and geolocation data — and sending it to remote servers.
A Kaspersky spokesperson said the company has no "insight to share on this at this time" about who is responsible for the code. The biz doesn't even believe it was the primary target of the spyware, which is proving difficult to remove without wiping all stored data.
"The sophistication of the attack, usage of undocumented iOS features and the complexity of the payload clearly indicates that very high-skilled professionals are behind it, backed up by a significant budget with barely pure criminal intentions," the spokesperson told The Register.
The Thursday write-up "is just the beginning" of Kaspersky's investigation, and the outfit promised more details soon: "The coming days will bring more clarity and further details on the worldwide proliferation of the spyware," it promised. ®