US, Apple hacking thousands of iPhones: Russia

Russian cybersecurity company Kaspersky Lab claimed that the campaign had installed file-stealing malware on iPhones belonging to its staff that were running an out-of-date version of Apple’s mobile operating system. On Monday, Russia‘s Federal Security Service claimed without providing evidence that several thousand iPhones in the country had been compromised in a recently discovered espionage […]

Author
Edited By: Sonia Dham
Follow us:

Russian cybersecurity company Kaspersky Lab claimed that the campaign had installed file-stealing malware on iPhones belonging to its staff that were running an out-of-date version of Apple’s mobile operating system.

On Monday, Russia‘s Federal Security Service claimed without providing evidence that several thousand iPhones in the country had been compromised in a recently discovered espionage operation that it attributed to the US government. The company further stated that there was insufficient evidence to link the breaches to a specific government or agency.

A similar infection vector was used by NSO Group, a supplier of the Pegasus spyware, and rivals who sell to foreign governments, who claims that the infections began with an iMessage attachment without any user input.

Meanwhile, Federal Security Services (FSB) has asserted that the attack has targeted thousands of people, including senior officials and diplomats, and United States along with Apple for hacking.

Whereas, one of the Apple’s spokespersons has denied the charges regarding the same, and said, “We have never worked with any government to insert a backdoor into any Apple product and never will.”   

According to the sources, no smartphones using an operating system more current than iOS 15.7, which was updated in September 2022, were affected.

A zero-day vulnerability is an unidentified flaw that still affects software that has been fully patched, and is more typically used by high-end government to spy the operations. The technology employed by embassies and private security personnel is regularly a target of international eavesdropping.

According to reports, the security firm, which routinely works with Russian law enforcement, has published a list of obscure websites that were used to connect to the infected phones as well as technical indicators of penetration that users can use to check their own devices.

However, the US office of the Director of National Intelligence refused to comment on this.