The Russian Federal Security Service (FSB), has accused Apple of colluding with the USA’s top spy agency, the NSA, to infect iPhones with malicious code to eavesdrop on calls of diplomats and other people of interest.
The FSB, which is the successor to the KGB, claims several thousand iPhones in use by diplomats and people the NSA want to monitor have been infected:
“The company (Apple) provides American intelligence services with a wide range of opportunities to control both any persons of interest to the White House, including their partners in anti-Russian activities, and their own citizens.
“There is infection of foreign numbers and subscribers SIM cards registered at diplomatic missions and embassies in Russia, including the countries of the NATO bloc and the post-Soviet space, as well as Israel, SAR and China’ claims the FSB.
“Information received by the Russian intelligence services testifies to the close cooperation of the American company Apple with the national intelligence community, in particular the U.S. NSA, and confirms that the declared policy of ensuring the confidentiality of personal data of users of Apple devices is not true”.
Apple denies the claims saying “it has “never worked with any government to insert a backdoor into any Apple product and never will.”
It is likely the information to the Russian intelligence agency about the alleged attacks came from cyber security company Kaspersky Labs in Moscow.
CEO Eugene Kaspersk said the company had discovered a complex, professionally-targeted cyberattack that uses iPhones.
“The purpose of this attack is the inconspicuous introduction of spyware into the iPhones of employees of the company – both top and middle-management” he said.
“The attack is carried out using an invisible iMessage with a malicious attachment, which, using a number of vulnerabilities in the iOS operating system, is executed on the device and installs spyware.
“The deployment of the spyware is completely hidden and requires no action from the user. Further, the spyware also quietly transmits private information to remote servers: microphone recordings, photos from instant messengers, geolocation and data about a number of other activities of the owner of the infected device.
Kaspersky experts Igor Kuznetsov, Valentin Pashkov Leonid Bezvershenko and George Kucherin discovered the cyber attack. Their report states:
“The attack is carried out as discreetly as possible, however, the fact of infection was detected by Kaspersky Unified Monitoring and Analysis Platform, a native solution for information and event management. The system detected an anomaly in our network coming from Apple devices. Further investigation from our team showed that several dozen iPhones of our employees were infected with a new, extremely technologically sophisticated spyware we dubbed ‘Triangulation’
“While monitoring the network traffic of our own corporate Wi-Fi network dedicated for mobile devices using the Kaspersky Unified Monitoring and Analysis Platform (KUMA), we noticed suspicious activity that originated from several iOS-based phones. Since it is impossible to inspect modern iOS devices from the inside, we created offline backups of the devices in question, inspected them using the Mobile Verification Toolkit’s mvt-ios and discovered traces of compromise. We are calling this campaign “Operation Triangulation”, and all the related information we have on it will be collected on the Operation Triangulation page.”