The National Security Agency (NSA) has apparently able to hack the iPhone since 2008, according to a Der Spiegel interactive report that looks at the NSA’s various tools used for spying purposes. One particularly interesting tool, codenamed “DROPOUTJEEP,” is an implant that was first used to compromise the first-generation iPhone and was able to send various data stored on the phone to the agency, including text messages, address book contacts, geolocation and voicemail. Furthermore, the software could activate the microphone of the iPhone, turn on the camera and take pictures and retrieve cell tower location.
All NSA-iPhone communications would be “covert and encrypted,” meaning that the target would likely be unaware of what’s going on. According to the document obtained by Der Spiegel, “command, control and data exfiltration can occur over SMS messaging or a GPRS data connection.” Furthermore, the initial DROPOUTJEEP would “focus on installing the implant via close access methods” with remote installations to be “pursued for a future release.” The documents presented by the publication do not specify whether following iPhone models were similarly hacked by the agency.
However, the leaked materials show that the NSA had various other mobile-related spying “products” that worked with other smart devices:
- GOPHERSET – an implant for GSM SIM cards to pull phone book, SMS and log files for incoming and outgoing calls
- MONKEYCALENDAR – attack software that forces a SIM card to transmit geolocation data via covert SMS messages
- TOTECHASER – an implant hidden in a satellite phone running Windows CE that transmits data via hidden SMS messages
- TOTEGHOSTLY – an implant that enables full remote control on Windows Mobile phones offering data download and upload capabilities
- PICASSO – modified GSM handsets that collect user data, audio data while also tracking the location of the handset
These are only a few of the NSA’s smart spying programs that can be used to spy on targets. In similar reports, Der Spiegel mentioned a 50-page catalog of such digital tools developed by the NSA, and revealed that the NSA can intercept laptops and other products mid-shipping to install spy malware on them. Furthermore, the NSA can reportedly hack a wireless network from eight miles away.
An image of the document that reportedly describes DROPOUTJEEP follows below.
UPDATE: Apple has provided a statement to TechCrunch where it says that it had no knowledge of the NSA’s program targeting iPhones and denies that it provided the agency with a backdoor into iOS. The company also vowed to take further steps to protect its users’ privacy.