Very little surprises us these days when it comes to the scale and extent of NSA snooping, so it is with something of a sigh that learn of an NSA toolkit dedicated to hacking Apple’s flagship product.
The modular software implant is known as DROPOUTJEEP, and provides the NSA with almost total control of an iPhone, including access to SMS messages, contact lists, voicemail, GPS information, the camera and microphone, files stored on the device, and more.
At present it seems the NSA needs physical access to a phone in order to install the malware, but despite this, it boasts a 100 percent success rate, and a ‘remote capability will be pursued for future release.’ The process of ‘interdiction’ that we reported yesterday, whereby the NSA’s Tailored Access Operations (TAO) department diverts online electronics shipments so they can be infected with malware, is likely to be at least one method used to physically tamper with iPhones.
The new revelations came during a speech by respected security expert Jacob Appelbaum at a hacker conference in Germany, and were supported by internal NSA slideshows obtained by Der Spiegel from Edward Snowden.
Appelbaum’s full speech at the Chaos Communication Conference (30c3) in Hamburg, Germany
Starting his speech with the words, ‘What I am going to show you today is wrist-slittingly depressing’, Appelbaum expressed concern over the possibility that Apple colluded with the NSA,
‘Either [the NSA] have a huge collection of exploits that work against Apple products, meaning they are hoarding information about critical systems that American companies produce, and sabotaging them, or Apple sabotaged it themselves,’ adding, ‘Do you think Apple helped them with that? I hope Apple will clarify that.’