Russia has accused Apple and US intelligence agencies of collaborating to spy on its diplomats by hacking their iPhones.
The Federal Security Service (FSB) issued a statement to say that thousands of Apple devices belonging to Russian diplomats were infected with an unknown malware.
Separately, prominent antivirus firm Kaspersky reported another attack on iOS devices, which Russia’s computer security agency said was linked to the first.
A spokesperson for Kaspersky told The Record that “due to the absence of technical details reported,” the security company couldn’t confirm all the findings from the FSB.
Company CEO Eugene Kaspersky did say, though, that the attack it reported was “extremely complex” and “professionally targeted,” adding that, “several dozen iPhones of the company’s employees — both top and middle-management — were impacted.”
The FSB said that the malware also targeted devices outside of Russia and wireless subscribers who use SIM cards registered with diplomatic missions and embassies in Russia. This include those belonging to users located in some NATO bloc countries, as well as Israel, Syria and China.
The NSA declined to comment on the accusation from Russia that it colluded with Apple to spy on Russia. An Apple spokesperson said that “We have never worked with any government to insert a backdoor into any Apple product and never will.”
The Russian Ministry for Foreign Affairs also stated that the US was conducting global surveillance, adding that it has “placed itself above the law. No state has a right to abuse its technological capabilities.”
In March this year, Russian officials were told to get rid of their iPhones by Sergei Kiriyenko, First Deputy Chief of Staff of the Presidential Administration, due to the perceived risk of being hacked by western intelligence.
In Kaspersky’s report, the attack can be traced all the way back to 2019, with iOS 15.7 being the most version that the malware can successfully attack. To start with, messages with malicious attachments are sent via iMessage that can exploit their targets. Without any user interaction, the spyware can then run and extract sensitive information from the device, including photos, recordings, geolocation and activity data.
Rebooting the device does not clear the spyware, and the message and attachment that first delivers the malware is deleted to remove any trace. Kaspersky said that one indicator of infection is the inability to update iOS to any newer versions.