Russia’s Federal Security Service (FSB) revealed on Thursday that it had discovered a large-scale espionage operation conducted by the United States, which compromised thousands of iPhones using advanced surveillance software. Moscow-based cybersecurity firm, Kaspersky Lab, reported that the operation had affected numerous devices belonging to its employees.
In an official statement, the FSB, the main successor to the Soviet-era KGB, disclosed that the infiltration had impacted several thousand Apple Inc devices. The compromised phones belonged to both Russian citizens and foreign diplomats residing in Russia and other countries within the former Soviet Union.
“The FSB has revealed an intelligence operation carried out by the American special services using Apple mobile devices,” declared the FSB statement. Additionally, the FSB claimed that the plot demonstrated “close cooperation” between Apple and the National Security Agency (NSA), the U.S. agency responsible for cryptographic and communications intelligence and security. However, the FSB provided no evidence to support the assertion that Apple collaborated with or was even aware of the spying campaign.
Apple swiftly refuted the allegation, stating, “We have never worked with any government to insert a backdoor into any Apple product and never will.” The tech giant firmly denied any involvement in the operation. The NSA chose not to comment on the matter.
Eugene Kaspersky, the CEO of Kaspersky Lab, shared on Twitter that dozens of his employees’ phones had fallen victim to the operation. Kaspersky Lab described the attack as an “extremely complex, professionally targeted cyberattack” that specifically aimed at workers in high and mid-level management positions. Igor Kuznetsov, a researcher at Kaspersky, confirmed the company’s independent discovery of abnormal network traffic on its corporate Wi-Fi network at the beginning of the year. However, Kaspersky did not share its findings with Russia’s Computer Emergency Response Team until recently.
Kaspersky emphasised that attributing the hacking to any specific party was challenging, stating, “It’s very hard to attribute anything to anyone.” According to Kaspersky’s blog post, the earliest traces of infection discovered date back to 2019, and the attack was still ongoing as of June 2023. While Kaspersky staff were affected, the company believed that it was not the primary target.
The FSB alleged that the American hackers had compromised the phones of diplomats from Israel, Syria, China, and NATO member countries as part of the espionage campaign. Israeli officials refrained from commenting, while Chinese, Syrian, and NATO representatives were not immediately available for a response.
The significance of this matter was highlighted by both the Kremlin and Russia’s foreign ministry. The Russian foreign ministry stated, “The hidden data collection was carried out through software vulnerabilities in U.S.-made mobile phones.” It further asserted that U.S. intelligence services had been utilising IT corporations to collect extensive user data without their knowledge for decades.
Russian officials revealed that the plot was uncovered through a joint effort between FSB officers and the Federal Guards Service (FSO), a powerful agency responsible for the Kremlin’s security and formerly known as the KGB’s Ninth Directorate. Russia, known for its sophisticated domestic surveillance structure, has long questioned the security of U.S. technology. Kremlin spokesman Dmitry Peskov claimed that all officials in the presidential administration were aware that gadgets such as iPhones were “absolutely transparent.”
Earlier this year, the Kremlin reportedly instructed officials involved in preparations for Russia’s 2024 presidential election to cease using Apple iPhones due to concerns about their vulnerability to Western intelligence agencies, as reported by Kommersant newspaper.