That’s the word from security expert Jacob Appelbaum, who told a hacker conference in Germany that the NSA can plant iPhone malware called Dropout Jeep, which gives American intelligence agents the ability to turn the gadget into a listening post using the iPhone camera and microphone. Also, it has a spyware function that can retrieve contact information, read through text messages and emails, and listen to voicemails.
Using slides that may or may not have come from Edward Snowden that may or may not be official internal NSA documents, Appelbaum added that Dropout Jeep has been around since 2008, when the iPhone first debuted.
Long known for his privacy advocacy, he told attendees to the Chaos Communications Conference that the revelations are “wrist-slicingly depressing” and "are even worse than your worst nightmares."
For its part, Apple said it has been completely unaware of all of this. “Apple has never worked with the NSA to create a backdoor in any of our products, including iPhone,” the company said in an emailed statement to the press. “Additionally, we have been unaware of this alleged NSA program targeting our products.”
It added, “We will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who’s behind them.”
Der Spiegel recently reported that a number of devices from major manufacturers were vulnerable to NSA backdoors, as collected in a 50-page official document obtained by the German paper. A division of the NSA called ANT is specifically tasked with creating this kind of malware. For instance, something called Feedtrough can burrow past Juniper firewalls to give NSA access to mainframe computers. The agency has also reportedly developed a $40,000 active GSM base station that can trick phones into attaching to it instead of a legitimate cell tower – leaving them wide open for infiltration.
An NSA spokeswoman, Vanee Vines, told the Sydney Herald that the NSA doesn’t comment on “alleged foreign intelligence activities.”
However, “As we’ve said before, NSA’s focus is on targeting the communications of valid foreign intelligence targets – not on collecting and exploiting a class of communications or services that would sweep up communications that are not of bona fide foreign intelligence interest to the U.S. government,” she said.