Security News > 2023 > June > Russia says US hacked thousands of iPhones in iOS zero-click attacks

Russian cybersecurity firm Kaspersky says some iPhones on its network were hacked using an iOS vulnerability that installed malware via iMessage zero-click exploits.

Kaspersky says the campaign started in 2019 and reports the attacks are still ongoing.

As it's impossible to analyze iOS from the device, Kaspersky used the Mobile Verification Toolkit to create filesystem backups of the infected iPhones to recover information about the attack process and the malware's function.

While the malware attempts to delete traces of the attack from devices, it still leaves signs of infection, like system file modifications that prevent the installation of iOS updates, abnormal data usage, and the injection of deprecated libraries.

In a statement coinciding with Kaspersky's report, Russia's FSB intelligence and security agency claims that Apple deliberately provided the NSA with a backdoor it can use to infect iPhones in the country with spyware.

The FSB alleges that it has discovered malware infections on thousands of Apple iPhones belonging to officials within the Russian government and staff from the embassies of Israel, China, and several NATO member nations in Russia.

News URL

https://www.bleepingcomputer.com/news/security/russia-says-us-hacked-thousands-of-iphones-in-ios-zero-click-attacks/