Russia’s Federal Security Service (FSB) said on Thursday it had uncovered an American espionage operation that compromised thousands of iPhones using sophisticated surveillance software. Moscow-based cybersecurity firm Kaspersky Lab said dozens of its employees’ devices were compromised in the operation. The FSB, the main successor to the Soviet-era KGB, said in a statement that “the hidden data collection was carried out through software vulnerabilities in Apple Inc mobile phones,” adding that the alleged plot involved domestic Russian subscribers as well as foreign diplomats stationed in Russia and other countries formerly part of the Soviet Union.
The FSB claimed the malware exploited previously unknown vulnerabilities in iOS, allowing it to spy on voice messages, photo albums, and other data stored on an iPhone. According to the FSB, it also enabled hackers to remotely activate the microphone, collect geolocation data, and take screenshots. The FSB accuses the U.S. National Security Agency of conducting the operation. The FSB statement was issued shortly after Kaspersky’s CEO, Eugene Kaspersky, disclosed in a Twitter post that his company had independently detected abnormal network traffic on its corporate Wi-Fi network at the beginning of this year. Kaspersky later published a technical report on the matter, saying it had noticed suspicious activity in the apps of several iPhones, including some belonging to the company’s top managers and several staff members.
Upon detecting the abnormal activity, Kaspersky started to monitor app permissions and created offline backups of some of its employees’ iPhones. It then used the backups to inspect the devices, finding them infected with malware that allowed hackers to access iMessage and other applications. The malware could also intercept microphone recordings, steal photos from instant messaging applications, and even record conversations without a user’s knowledge.
Kaspersky said the attack was aimed at senior executives and staff of the Russian company, with the attackers trying to obtain its workers’ names and phone numbers. It also said the attack could have gathered information about political activities and other sensitive issues.
Apple has yet to respond to a request for comment. The Kremlin’s accusation may escalate tensions between Russia and the United States, which has long accused the country of using its technology for espionage. The FSB’s claim, if true, would also raise concerns over whether other U.S. tech companies are collaborating with the NSA on hacking.
The FSB’s statement also noted that the alleged spying showed close cooperation between the NSA and Apple. “We have never worked with any government to insert a backdoor into any of our products, and we never will,” an Apple spokesperson said in a statement, adding that the company did not know of any compromised iCloud servers. The company halted sales of its products in Russia after the invasion of Ukraine, but smartphones continue to be widely available via parallel import schemes. The FSB’s claims are likely to be taken seriously in the West, similar to those of whistleblower Edward Snowden in 2013. The leaked classified documents about the PRISM program, which allows the NSA to track Internet users, caused outrage among many Western politicians and tech companies.