Targeting of Russian iPhone users

Date of report

June 2023

Affiliations

Attributed by Russian security services to the U.S. National Security Agency

In June, cybersecurity company Kaspersky announced that it was targeted by an advanced threat actor that compromised several Apple iOS devices in the company using zero-click exploits sent in text messages. Follow-up reporting indicates the threat actor used at least four zero-day exploits in the attack and exploited a previously unknown hardware flaw in Apple M1 and M2 chips. The Russian Federal Security Service said the attack also compromised diplomatic personnel in Russia; they attributed the attack to the U.S. National Security Agency.

Suspected victims

Cybersecurity company Kaspersky and diplomatic missions in Russia

Suspected state sponsor

United States

Type of incident

Espionage

Target category

Government
Private sector

Victim government reaction

Policy response

Confirmation

Suspected state sponsor response

Unknown

4-year campaign backdoored iPhones using possibly the most advanced exploit ever
Operation Triangulation: The last (hardware) mystery
NKTsKI: US intelligence agencies can get full access to Apple devices of Russian users

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events