Russia says US hacked thousands of iPhones in spy plot; Apple denies
MOSCOW — Russia’s Federal Security Service (FSB) said Thursday, June 1, it had uncovered an American espionage operation that compromised thousands of iPhones using sophisticated surveillance software.
Moscow-based Kaspersky Lab said dozens of its employees’ devices were compromised in the operation.
The FSB, the main successor to the Soviet-era KGB, said in a statement that several thousand Apple Inc devices had been infected, including those of domestic Russian subscribers as well as foreign diplomats based in Russia and the former Soviet Union.
“The FSB has uncovered an intelligence action of the American special services using Apple mobile devices,” the FSB said in a statement.
The FSB said the plot showed “close cooperation” between Apple and the National Security Agency or NSA, the US agency responsible for cryptographic and communications intelligence and security. The FSB provided no evidence that Apple cooperated with, or had any awareness of, the spying campaign.
Article continues after this advertisementThe NSA declined to comment. The White House did not respond to repeated requests for comment.
Article continues after this advertisementBut Apple Inc is denying Russia’s claims.
In a statement, the company said it has “never worked with any government to insert a backdoor into any apple product and never will.”
Kaspersky CEO Eugene Kaspersky said on Twitter that dozens of his employees’ phones were compromised in the operation, which his company described as “an extremely complex, professionally targeted cyberattack” that had targeted workers in “top and middle-management.”
Kaspersky researcher Igor Kuznetsov told Reuters that his company had independently discovered anomalous traffic on its corporate Wi-Fi network around the start of the year. He said Kaspersky did not circulate its findings to Russia’s Computer Emergency Response Team until earlier on Thursday.
He said he could not comment on Moscow’s allegation that Americans were responsible for the hacking or that thousands of others had been targeted.
“It’s very hard to attribute anything to anyone,” he said. “We were only investigating our own compromise, only inside our own network.”
The FSB said the Americans had compromised diplomats from Israel, Syria, China and NATO members in the espionage campaign.
Israeli officials declined comment. Chinese, Syrian and NATO representatives were not immediately able to provide comment.
US snooping?
The United States is the world’s top cyber power in terms of intent and capability, according to Harvard University’s Belfer Center Cyber 2022 Power Index, followed by China, Russia, the United Kingdom and Australia.
Both the Kremlin and Russia’s foreign ministry pointed to the significance of the matter.
“The hidden data collection was carried out through software vulnerabilities in U.S.-made mobile phones,” Russia’s foreign ministry said in a statement.
“The US intelligence services have been using IT corporations for decades in order to collect large-scale data of Internet users without their knowledge,” the ministry said.
READ: Russia arrests US reporter on spy charges in further blow to dire relations
Russian officials said the plot had been uncovered as part of a joint effort by FSB officers and those of the Federal Guards Service (FSO), a powerful agency that runs the Kremlin bodyguard and was also once the KGB’s Ninth Directorate.
Officials in Russia, which Western spies say has constructed a very sophisticated domestic surveillance structure, have long questioned the security of US technology.
Kremlin spokesman Dmitry Peskov said all officials in the presidential administration knew that gadgets such as iPhones were “absolutely transparent.”
READ: In new video, CIA urges Russians to leak ‘the truth’
“Using them for official purposes is unacceptable and prohibited,” Peskov said, adding that officials were free to use iPhones for private, non-official communication.
Russian President Vladimir Putin has always said he has no smartphone, though the Kremlin has said the former KGB spy does use the internet from time to time.
Phone spyware
Kaspersky Lab said the spyware was delivered by an invisible message that took advantage of vulnerabilities in Apple’s iOS operating system. Information from the phone would then be spirited away to remote servers.
READ: What do the leaked US documents say?
Kaspersky said the oldest traces of infection it discovered dated back to 2019. “As of the time of writing in June 2023, the attack is ongoing,” the company said. It added that while its staff was hit, “we are quite confident that Kaspersky was not the main target of this cyberattack.”
The revelation is likely to deepen suspicions about Apple in Russia.
Earlier this year, the Kremlin told officials involved in preparations for Russia’s 2024 presidential election to stop using Apple iPhones because of concerns that the devices are vulnerable to Western intelligence agencies, the Kommersant newspaper reported.
READ: Russian blogger charged with spying in Albania asks for asylum