Russia alleges the US NSA has conducted a mass spying operation on thousands of iPhones in Russia, and that Apple aided it
Russia’s Federal Security Service (FSB) on Thursday alleged the US National Security Agency (NSA) has conducted an espionage operation against Russian iPhone users, and was aided by Apple.
The successor to the Soviet era KGB alleged the NSA has compromised thousands of iPhones in Russia using sophisticated surveillance software, Reuters reported.
The FSB allegations coincide with Moscow-based security specialist Kaspersky Lab alleging in a blog post that it had uncovered spyware on “several dozen” iPhones belonging to its staff.
The FSB in its statement said that several thousand Apple devices had been infected, including those of domestic Russian subscribers as well as foreign diplomats based in Russia.
The FSB reportedly said the NSA hackers had compromised diplomats from Israel, Syria, China and NATO members in the espionage campaign.
“The FSB has uncovered an intelligence action of the American special services using Apple mobile devices,” the FSB was quoted by Reuters as saying the statement.
The FSB said the plot showed “close cooperation” between Apple and the National Security Agency (NSA).
It should be noted that the FSB provided no evidence of its allegations, and Apple itself has denied the allegation.
“We have never worked with any government to insert a backdoor into any Apple product and never will,” the firm was quoted by Reuters as saying.
Apple famously refused to create a backdoor in 2016 to allow the US FBI to access the locked iPhone belonging to one of the San Bernardino terrorists, Syed Rizwan Farook.
The NSA declined to comment, Reuters reported.
Meanwhile Kaspersky CEO Eugene Kaspersky took to Twitter and also used a blog post to describe a “targeted attack on our management with the Triangulation Trojan.”
We’ve discovered a new cyberattack against iOS called Triangulation.
— Eugene Kaspersky (@e_kaspersky) June 1, 2023
“The attack starts with iMessage with a malicious attachment, which, using a number of vulnerabilities in iOS installs spyware,” he tweeted. “No user action is required.”
“Our experts have discovered an extremely complex, professional targeted cyberattack that uses Apple’s mobile devices,” he posted on the blog. “The purpose of the attack is the inconspicuous placing of spyware into the iPhones of employees of at least our company – both middle and top management.”
Kaspersky researcher Igor Kuznetsov told Reuters that his company had independently discovered anomalous traffic on its corporate Wi-Fi network around the start of the year.
He reportedly said Kaspersky did not circulate its findings to Russia’s Computer Emergency Response Team until earlier on Thursday.
He told Reuters he could not comment on Moscow’s allegation that Americans were responsible for the hacking or that thousands of others had been targeted.
Kaspersky has been firmly in the crosshairs of US authorities for a number of years now.
In March 2022, the US Federal Communications Commission (FCC) added Russia’s Kaspersky Lab, as well as China Telecom (Americas) Corp and China Mobile International USA to its list of communications equipment and service providers deemed threats to US national security.
It was reported in May 2022 that the Biden administration had elevated the priority of a national security probe into Moscow-based Kaspersky Lab earlier in 2022, amidst heightened fears of cyber-attacks due to the conflict in the Ukraine.
The United States in 2017 had banned government departments and the US military from using Kaspersky’s products, and the FBI has reportedly advised a wide range of private companies not to use the tools.
That same year the UK’s National Cyber Security Centre (NCSC) also warned government departments not to use antivirus products with links to Russia for systems related to national security and those which are “critically important”.
Indeed, Kaspersky Lab relocated its data processing infrastructure to Switzerland in 2018, and Eugene Kaspersky said that if he was ever asked to provide data to the Russian government he would move his company out of the country.
More recently Eugene Kaspersky hit back at Germany’s decision to recommend the uninstallation of Kaspersky antivirus (AV) products in the country.