Shutterstock
While previous news headlines have spoken of the difficulty authorities have into breaking into the iPhones of suspected criminals, evidence found by Kaspersky Lab has revealed that a small spyware government contractor is selling iOS malware for the purpose of breaking into iPhones.
This new revelation by Kaspersky Lab is intriguing on two levels.
First, if it’s true, it suggests there is a link between US government contractors and bad actors who are assisting authorities in some questionable activity, especially in terms of the privacy of American citizens.
Secondly, one can’t rule out an ulterior motive and self interest of Kaspersky Lab. After all, approximately one year ago, President Donald Trump signed a law banning the use of Kaspersky Lab within the US government alleging that the antivirus company was engaged in espionage in the service of the Kremlin.
The new legislating a ban on the firm’s products applied to both civilian and military networks. The administration ordered that civilian agencies remove Kaspersky Lab software within 90 days. Therefore, this latest announcement by Kaspersky Lab could be an attempt to clap back at the US government over the ban.
The US government has previously reached out to Apple itself to gain assistance at breaking through the strict security of the iPhone. Apple refused.
Indeed, Apple’s iPhone may be the most secure consumer device that exists. Still, nothing is completely hack-proof. And where there’s a will, someone will undoubtedly find a way.
Taking a moment to consider that the allegations by Kaspersky Lab could be true, here is what the cybersecurity firm has revealed.
According to a private report Kaspersky Lab sent to its subscribers, the company alleges that a small government-contracted spyware firm named Negg has developed a “custom iOS malware that allows GPS tracking and performs audio surveillance activity.”
We have uncovered an iOS implant,” Kaspersky Lab researcher Alexey Firsh told website Motherboard in an email. “We assume that at the moment of discovery it was in a development stage and was not fully adapted to infect potential victims.”
Again, one has to consider the motivations of Kaspersky Lab and the fact that they have never reported this malware outside of their own company and subscribers.
Before we completely write off Kaspersky Lab as being self-serving in the report, there are also a lot of strong reasons for believing them.
Trying to jailbreak or break into iPhones is notoriously difficult and getting harder all the time, as Apple has a strong focus on locking down their devices and preventing intrusion.
That said, there are already several companies that specialize in developing iOS malware, such as NSO Group, Azimuth and others.
Back in March, it was widely reported that a company called GrayKey was selling a $15,000 device that helped law enforcement authorities break iPhone passcodes, and they had secured contracts with US Immigration and Customs Enforcement (ICE), as well as the Secret Service. However, just last month, with the introduction of iOS 12 or higher, Apple hamstrung many of GrayKey’s abilities. The device can now only do what’s called a “partial extraction,” according to sources from the forensic community, as reported by Forbes.
