Russia’s Federal Security Service (FSB) announced on Thursday, June 1, that it had identified an American spy operation that utilized advanced surveillance software, leading to the compromise of thousands of iPhones. Moscow-based Kaspersky Lab, a cybersecurity company, reported that numerous devices belonging to its employees had been compromised in the operation.
The FSB, considered the successor to the Soviet-era KGB, issued a statement claiming that several thousand Apple devices had been infected, including those belonging to Russian citizens and foreign diplomats in Russia.
In their statement quoted by Reuters, the FSB revealed, “The FSB has uncovered an intelligence action of the American special services using Apple mobile devices.” They also alleged that the operation demonstrated “close cooperation” between Apple and the National Security Agency (NSA), the US agency responsible for cryptographic and communications intelligence and security.
However, the FSB did not provide any evidence to suggest that Apple was aware of or collaborated with the spying campaign. Apple swiftly denied the allegations, stating, “We have never worked with any government to insert a backdoor into any Apple product and never will.”
According to Reuters, the NSA declined to comment on the matter. Kaspersky Lab’s CEO, Eugene Kaspersky, revealed on Twitter that dozens of his employees’ phones had been compromised in the operation, which his company described as an “extremely complex, professionally targeted cyberattack” primarily targeting top and middle-management workers.
Kaspersky researcher Igor Kuznetsov stated that the company had independently discovered unusual network activity on their corporate Wi-Fi network at the beginning of the year. Kaspersky did not report its findings to Russia’s Computer Emergency Response Team until Thursday.
Regarding the Russian allegations of American responsibility for the hacking, Kuznetsov commented, “It’s very hard to attribute anything to anyone.” Kaspersky also noted in a blog post that traces of the infection dated back to 2019, and as of June 2023, the attack was still ongoing. The company clarified that while their staff had been affected, they were confident that Kaspersky was not the primary target of the cyberattack.
The FSB claimed that US hackers targeted diplomats from Israel, Syria, China, and NATO members as part of the espionage campaign. The Russian foreign ministry supported the FSB’s assertions, stating that the hidden data collection was conducted through software vulnerabilities in US-made mobile phones and accusing US intelligence services of using IT corporations for large-scale data collection without users’ knowledge.