Russia Says US Hacked Thousands of iPhones in iOS Zero-Click Attacks

Russian cybersecurity firm Kaspersky says some iPhones on its network were hacked using an iOS vulnerability that installed malware via iMessage zero-click exploits. From a report: The delivery of the message exploits a vulnerability that leads to code execution without requiring any user interaction, leading to the download of additional malicious from the attackers' server. Subsequently, the message and attachment are wiped from the device. At the same time, the payload stays behind, running with root privileges to collect system and user information and execute commands sent by the attackers.

Kaspersky says the campaign started in 2019 and reports the attacks are still ongoing. The cybersecurity firm has named the campaign "Operation Triangulation" and is inviting anyone who knows more about it to share information. [...] In a statement coinciding with Kaspersky's report, Russia's FSB intelligence and security agency claims that Apple deliberately provided the NSA with a backdoor it can use to infect iPhones in the country with spyware. The FSB alleges that it has discovered malware infections on thousands of Apple iPhones belonging to officials within the Russian government and staff from the embassies of Israel, China, and several NATO member nations in Russia. Despite the seriousness of the allegations, the FSB has provided no proof of its claims.

Re:These are lies of course

[hey!]

I don't think anyone doubts that the NSA would love manufacturers to put back doors into their products. It's not terribly likely they'd get Apple in particular to do that voluntarily.

But NSA doesn't need Apple's consent; it has other means for installing back doors, anything from slipping them into crypto standards or libraries to black bag jobs on specific shipments of equipment, to trojan horse apps. On top of that, cell phones transmissions aren't secure against any actor with what they call in the spy biz "national means". Russians and Ukrainians intercept each others' calls all the time. And apps that rely on TLS for encryption aren't likely to pose much of a challenge for the NSA.

Now I don't doubt Russian officials' smartphones are chock full of malware, although that doesn't necessarily mean the NSA put it there. But even if a particular phone is verifiably completely free of malware, any foreign official using one should probably assume Uncle Sam can listen in on his conversations and decrypt any data transmitted with that phone.

Re:

[kqs]

Tell me that you know nothing about PRISM without telling me that you know nothing about PRISM.

I have no love for Apple, but just because I dislike an organization doesn't mean I'll make up shit about them.

Re:

[OrangeTide]

Apple publicly denied (in 2013) that they participated in PRISM. The media reported from supposedly leaked slides that Apple has been part of the program since 2012. Who's to say who is right.

On the other hand, Apple briefly partnered with the forensics company Cellebrite and handed over enough information to initiate development of law enforcement tools before Apple terminated the partnership. That is, once the initial requirements were met and the checks cleared.

I'm not saying Apple is the only one, nor t

Re:

[Rujiel]

'Supposedly leaked slides', lol yeah right, it would have been funny if the rest of the tech world had as blasse an attitude on the Snowden leaks back when they dropped as you do now. The JTRIG slides were real, no one in media or govermment even tried to claim that they or any of the other material leaked by Snowden were fake. That's disingenuous

Re:

[OrangeTide]

I say supposedly in a sarcastic sense because Apple still denies it [apple.com]. They're crazy for still holding onto this lie.

Re:

[Rujiel]

Oh lol

Re:These are lies of course

[Opportunist]

It has little to do with liking Russia, it has more to do with their track record.

Re: These are lies of course

[Viol8]

Neither "the west" or russia as we know them today existed 500 years ago and I doubt the Holy Roman Empire gave 2 fucks about
the poor backwards donkey town called Moskva 100s of miles to the east. The ottomans were far more of a problem.

Go learn some history before you shitpost next time Igor.

Re:

[zeeky boogy doog]

Even funnier is that if you read pre-Revolution literature, much of the rest of Europe just a hundred years ago considered Russia to be one of the Great Powers that the other elites dickered with on equal terms.

Russian Hitler's delusions are probably partly fueled by the fantasy that if he can destroy the idea of the laws-based international order and return international affairs to 1910, then magically Russia will be considered one of those Great Powers again like it was prior to the Revolution.

Re:

[qaz123]

You cant claim objectivity when your judgement is clouded with hate. Its pretty obvious fear of Russia has been with the west for 500 years. What track record can you possibly talk about when youve had 25 generations of people living under state propaganda of fear and hate of Russia.

Well maybe not 500 years but 300 years that's for sure. And especially during the Cold War. I'm laughing when with the serious faces people in Norway and Sweden call a beluga whale "a Russian spy whale" just because it is wearing a harness labeled "Equipment St. Petersburg". That's enough evidence for them. https://www.npr.org/2023/05/31... [npr.org]
Not to mention their recurrent hallucinations about some Russian submarines which they keep "seeing" near their shores.

Re:

[Fuck_this_place]

I kind of envy those people. Soon they will know what deep peaceful sleep feels like, maybe for the first time. At the same time, the ruSSians will be learning what it's like to lose. Interesting times.

Re:

[Admiral Krunch]

. Its pretty obvious fear of Russia has been with the west for 500 years.

Oh well, we can thank Putin for one thing at least.
Nobody has that fear any more.

Re:

[qaz123]

The West's track record is not better.

Re:

[Opportunist]

Let's see... when was the last time the US assaulted a country after telling its victim it's just a training exercise?

The US sure ain't no saint when it comes to trying to browbeat someone into doing what they want, but there's still a difference in the extremes they go to. Not only when it comes to how they treat their own soldiers as more than just cheap and expendable cannon fodder.

Re:These are lies of course

[mrclevesque]

> Let's see... when was the last time the US assaulted a country after telling its victim it's just a training exercise?

I could reply "Let's see... when was the the last time Russia invaded, occupied or went to war with 4 middle eastern nations, dropping nearly 500 000 bombs, and killing way over 100 000 civilians, women and children".

But I think qaz123's point was the USA also doesn't have a good track record when it comes to spying.

Re:

[Opportunist]

when was the the last time Russia invaded, occupied or went to war with 4 middle eastern nations, dropping nearly 500 000 bombs, and killing way over 100 000 civilians

Didn't take four. One was enough [wikipedia.org].

At least when it comes to civilians killed. Dunno how many bombs it took them.

Re:

[qaz123]

Chechnya is not a "middle Eastern nation". And Russia did not "invaded Chechnya". Chechnya is part of Russia and if you don't believe me look at the map. You cannot invade yourself.

Re:

[Anonymous Coward]

So Russia is better because it killed 100,000 of its own civilians instead? What a strange reality you live in.

Re:

[mrclevesque]

> So Russia is better because it killed 100,000 of its own civilians instead? What a strange reality you live in.

No, of course Russia is not better.

That's even though Wikipedia gave civilians killed by Russia in Chechnya from 1994 to 1996 as 30 000 to 100 000 deaths, and that also using a range of civilians killed by the USA in the middle east from around the year 2000 to today, I get 150 000 to over 600 000 deaths.

In my first comment I only wrote speaking of the USA "killing way over 100 000 civilians"

Re:

[mrclevesque]

Thanks for the link.

I didn't know there were so many civilian deaths there cause by Russia, 30 to 100 thousand, nothing near those cause by the USA - https://watson.brown.edu/costs... [brown.edu]

But I'm not saying the USA is worst, just that we can clearly say their track record isn't better.

Re:

[qaz123]

This numbers were given by Chechen separatists and are GREATLY exaggerated.

Re:These are lies of course

[Darinbob]

Not because we don't like Russia, which we don't, but because Russia has a long history of doing this sort of stuff That is, both hacking against foreign powers as well as spreading disinformation. That is, the Russian government is a known liar. There is no evidence that is has changed and decided to be honest, and it has no track record of honesty.

People don't dislike Russia because of Russophobia; they dislike Russia because it lies, cheats, steals, assassinates opposition figures, engages in unprovoked wars, is a dictatorship, and loves its hypocrisy. As an example: shoots dozens of missiles daily at Kyiv, then a few drones are in Moscow and instantly they're claiming they're a victim of terrorism. Sure, blame the US for the same crimes, that's a valid case, but Putin takes these crimes to new levels, and he's desperate to be on the wall of shame next to Stalin and Hitler.

Re:

[hdyoung]

I love Russia. Russia is entertaining. Russia is what you get when you build an entire society around the core concept of “no f&*ks given about anything”. Imagine the most chaotic RTS game being played by a poorly-trained, malfunctioning chatgpt. If you’ve got a dark sense of humor, absolutely hilarious.

On a good day, their science was just as good as the US. They produced a lot of people who rose to the absolute tops of their fields, and they were capable of absolutely great thing

Re:These are lies of course

[zeeky boogy doog]

Not exactly.

Despite prima facie plausibility, take anything coming out of Russia with a roughly cinder-block-sized grain of salt because Russia's leaders are pathological, inveterate liars (see basically anything they have said about Ukraine) and because it is literally Soviet doctrine, when criticized, to go full whataboutism, even if you have to basically make shiat up.

That said... okay Russia, so what? You'd try to do the same, and have been caught doing or trying to do the same, to everyone else too. So does China (to the point that American businessmen are issued one-time phones and laptops to go to China that are discarded upon return). Welcome to the game of global politics.

The between-the-lines read (not that it's terribly difficult) here is, "waaaah you succeeded where we failed."

Why trust them?

[Targon]

With the way things have been going, why would Russia encourage government employees to use phones made outside of Russia? The same applies to China, if they are going to be paranoid that someone is watching, then they should have their own devices made. If I worked in government, I wouldn't trust ANY device in the first place, and would make a point of jailbreaking every device, make sure the version of the operating system was fully clean, etc, without any carrier or phone manufacturer software pre-in

Re:

[ArchieBunker]

I'd love to see what a phone made inside Russia with Russian silicon would look like. Probably the size of an actual brick phone and as quick as Windows 95 on a 386.

Re:Why trust them?

[Anonymous Coward]

The battery life would be impressive, but the battery half-life would keep most consumers at bay.

Re:

[echo123]

Please make them suffer through those 9600baud modem connection tones every time they want to conect.

9600? Slow down cowboy!

[davidwr]

Back in my day, we used 300 bps, and we LIKED IT.

We liked it because if we listened fast, we could "hear" the letters that were going over the line.

Re: 9600? Slow down cowboy!

[echo123]

After configuring all the AT commands, you deserve your pleasures.

Re:

[iAmWaySmarterThanYou]

I couldn't hear the bits but I could whistle the 300 baud carrier tone to keep my acoustic modem connection alive when I had to move the phone or modem around.

Re:

[93 Escort Wagon]

I'd love to see what a phone made inside Russia with Russian silicon would look like. Probably the size of an actual brick phone and as quick as Windows 95 on a 386.

Your comment reminded me about an old SCTV skit from the 1980s that mentioned a "new Soviet minicam" - https://www.youtube.com/watch?v=oHjaAu1GTZU [youtube.com]

Re:

[NoWayNoShapeNoForm]

I'd love to see what a phone made inside Russia with Russian silicon would look like. Probably the size of an actual brick phone and as quick as Windows 95 on a 386.

If the Ukranian photos of Russian missile internals is any help...those Russian phones would likely contain Western silicon scrounged from other Western devices.

Re:

[Darinbob]

https://en.wikipedia.org/wiki/... [wikipedia.org]
And a picture of it: http://media.englishrussia.com... [englishrussia.com]

Re:

[Holi]

Here

https://www.indiatimes.com/tec... [indiatimes.com]

But this is most likely just PR retaliation since Apple no longer sells in Russia.

Re:

[newbie_fantod]

The Russians were at the forefront of manned space flight for over a decade, I think they can handle a smart-phone. That old "Ivan can't build sophisticated stuff" trope was dead by the 80's, but I am sure they don't mind being under estimated by their rivals.

Re:

[hawk]

The "sophistication" of Ivan's stuff was *far* behind its contemporary US counterparts. They just got there anyway with a lower tech level.

The Apollo-Soyuz rendezvous required the Soyuz to reach a higher altitude than for which it was designed, while the Apollo had to make it to a lower altitude. And the Apollo astronauts were stunned see the use of vacuum tubes.

Soviet PCB technology was the equal of US.

And they took vacuum tube technology past where we did. They weren't ahead of us; we just dropped it

Re:

[chill]

Russia doesn't have the tech to even assemble, much less fully manufacture a domestic smart phone. Nobody inside Russia is going to want the equivalent of a Lada phone. And as iPhones are status symbols, the oligarchs, high ranking gov't people, and their families are all going to want the latest iPhone or Samsung.

Re:

[iAmWaySmarterThanYou]

I can't buy a fully automatic weapon or a ww2 flame thrower or a pack of live grenades or even a tiny little Petri dish of live polio virus!

Free market, my ass!

Pro russia post history

[Oryan Quest]

https://slashdot.org/~X_DARK_X [slashdot.org]

Bruh you need to tone it down. Nobody believes anyone wants to play with a Russian phone unless it’s to analyze the built in spyware.

Re:

[Holi]

You might want to do a bit of research before making BS claims.

https://www.indiatimes.com/tec... [indiatimes.com]

Re:Why trust them?

[chill]

That's a rebadged (OEM) MediaTek Helio P70 [mediatek.com] running a Russian-tweaked version of Sailfish OS [sailfishos.org], which is from Jolla in Finland.

Thanks for making my point. There are no Russian components, it is OEM from MediaTek, assembled in MediaTek facilities (Vietnam, Indonesia, China, or Taiwan) with a tweaked EU (mostly Finland) OS. See: https://www.pcmag.com/news/the-best-phones-you-cant-get-in-the-us [pcmag.com]

Re:

[cheesybagel]

If the Russians wanted to make a smartphone with their own chips it would be something roughly equivalent to an iPhone 3GS. The Samsung S5PC100 in that was 90 nm.

I do not know why all the rah rah anyway. If you wanted to use US fabs you would be making chips at 10 nm i.e. similar to a 5 year old iPhone 8. Since that is the best process Intel can make. While TSMC in Taiwan can make chips at 3 nm.

The Russians can assemble PCBs in case you were wondering. The problem is outside government customers there is li

Re:

[Bert64]

They don't, western phone brands including apple are technically banned from being used for official purposes. They have a policy to use phones either produced locally, or from non-hostile countries such as china.
Either people are not following the policy, or these are personal devices that shouldn't be used for official purposes.

Re:

[Espen]

They have a policy to use phones either produced locally, or from non-hostile countries such as china.

Seriously?! The Russians might appreciate the non-hostility of the Chinese; but don’t confuse that with trusting them.

Re:

[Petersko]

Phone is potato.

Sorry... the meme should die. But Russian-made phones? What if I want... data?

Re:

[davidwr]

What if I want... data?

In Soviet, er, Putinist Russia, DATA WANTS YOU!

The non-joke version: Data-collectors in the Kremlin want you, and your little data in toto too!

Re:

[Frederic54]

Pretty special in a way... Chinese people are using iPhone for symbols, and American people are using xiaomi/poco/umidigi for the price

Who needs the NSA when you have Rocky & Bullwi

[davidwr]

When Boris Badenov [wikipedia.org] tried to send American secrets back to Fearless Leader [wikipedia.org], he used his trusty hard to hack from far away spy telephone [wikipedia.org] along with super-secure encryption [wikipedia.org].

Or at least that was the plan.

But our [wikipedia.org] heroes [wikipedia.org] accidentally switched Boris's secret codebook for this one [wikipedia.org] which meant not only did the Fearless Leader not understand him, but members of the Radio Orphan Annie's Secret Society [wikipedia.org] older than about 7 probably could.

So in short, NSA only infected officials near Midd

[ajmcello78]

Good to know the rest of us are not vulnerable by this NSA back door.

Should have stuck with Blackberry

[PantyChewer]

Blackberry running on your own BES servers so you can see whats going on.

Side hustle!

[aldousd666]

They could sell this just as a jailbreak. Pay us $20 and well send you a text to get you root on your iPhone.

Zero trust code

[parserbug]

I trust Appleâ(TM)s ability to avoid âparser bugsâ(TM) that lead to RCEâ(TM)s as much as slashdotâ(TM)s

The new zero

[Tony Isaac]

We've been hearing about "zero day" attacks for some time now. This is the *new* zero...zero click!

We Should Trust Kapersky--Why?

[BrendaEM]

https://en.wikipedia.org/wiki/... [wikipedia.org]