Russia Alleges US Intelligence Breached Thousands of iPhones; Apple Responds
The primary security agency of Russia has alleged that an American intelligence agency hacked numerous iPhones, including those owned by Russian citizens and individuals associated with diplomatic missions and embassies located in the nation.
The statement from Russia’s Federal Security Service, better known as the FSB, was scant on detail and did not specify which US intelligence agency was behind the alleged attacks. Russia’s security agency claimed that Apple Inc., the maker of the iPhone, cooperates closely with US intelligence, particularly the National Security Agency. The statement says that the attacks are related to the SIM cards of diplomats living in Russia registered to NATO countries, Israel and China.
Apple’s spokesperson has not commented on whether Russian iPhones have been hacked. But a spokesperson said the company has not helped any government hack into iPhones, as the FSB suggested, and never will. Apple stopped selling products in Russia after the occupation of Ukraine, but iPhones are still widely available through parallel import schemes.
A representative of the National Security Agency declined to comment. Representatives of the Chinese and Israeli embassies in Washington did not immediately respond to requests for comment.
Separately, Moscow-based cybersecurity firm Kaspersky published a blog post saying that dozens of its employees’ iPhones had been hacked and giving technical details of how the alleged operation worked. The hack went undetected for years, according to the blog post’s timeline. Kaspersky has not specified who it believes is behind the attack, describing it as a “highly sophisticated and professional cyber attack”.
A Kaspersky spokesperson said in an email that the hacking campaign was discovered at the beginning of the year. He noted that Russian officials had indicated that the attacks were linked, and a Kaspersky employee tweeted that the FSB and Kaspersky statements were linked. Kaspersky said the spyware runs on an outdated version of Apple’s operating system.
The claims, which were made at a time when US-Russian relations were exceptionally strained over the war in Ukraine, could not be confirmed. The US provides Ukraine with intelligence support and military equipment, but does its best to avoid direct confrontation with Russia. Additionally, the US Department of Justice announced just last month that it had shut down a years-long hacking campaign carried out by a notorious FSB unit called “Turla”. The malware, dubbed “The Adder,” has allegedly affected more than 50 countries and has been used by Russian hackers for more than 20 years, according to US officials.
The US government banned Kaspersky software from federal systems in 2017 over espionage concerns, and last year the Federal Communications Commission put the Russian company on a list of companies whose equipment and services it deemed a threat to national security. After Russia’s attack on Ukraine last year, NSA cybersecurity director Rob Joyce told Bloomberg News he was “very concerned” about US companies’ use of Kaspersky antivirus products, saying they were “empty in this global situation.”
Cybersecurity experts who reviewed Kaspersky’s blog said the hackers appear to be using advanced techniques to hack the iPhone, but added that more information is needed to get a definitive answer.
“The sophistication of these attacks limits them to a handful of the world’s most powerful players in the attack space, and I have a feeling we’ll learn more about the origins as Apple begins to notify victims,” said Zak Janot, CEO of Israel-based Sunday Security, which evaluated Kaspersky’s findings.
According to Kaspersky, the hackers penetrated the devices by sending a malicious attachment via iMessage. The user does not need to click anything for the hack to work, i.e. a “zero click” attack. The method is considered the gold standard for hackers to break into computers or mobile devices and is sold by commercial surveillance companies, including Israel’s NSO Group.
said Patrick Wardle, founder of the Objective-See Foundation, a nonprofit that specializes in Apple’s security tools, and a former NSA employee.
“It would be too risky to go after Kaspersky, you have to assume you’re going to get caught eventually,” he said.
The U.S. government and U.S.-based cybersecurity companies often report on the inner workings of alleged hacking operations by foreign actors, particularly those operating in Russia, China, Iran, and North Korea. But it is unusual for these countries to provide technical information about alleged US hacking campaigns.
CEO Eugene Kaspersky said in a blog post that the spyware, which he calls a “triad,” “sends private information to remote servers: microphone recordings, images from instant messaging, geographic location, and information about a variety of other activities.” He said the threat of an attack on the company had been “neutralized”.