A new collection of NSA backdoors has come to light, and they lead straight to companies such as Apple, Cisco, Dell, Huawei, Samsung and more.
Security researcher Jacob Appelbaum, working with German news outlet Der Spiegel, reported on more than 50 pages of leaked documents from 2008 cataloging the various items and methods used to exploit software, hardware and firmware of major companies. The documents, the news outlet reported, detail tools used by the NSA’s TAO (Tailored Access Operations) unit to breach and implant spyware inside networking equipment, mobile phones and computers.
Each page outlines how a piece of codenamed software or hardware infiltrates the software, hardware or firmware of private companies. One document in particular discusses software codenamed DROPOUT JEEP, which creates backdoors in Apple’s iPhone operating system, according to the report. The backdoor reportedly allowed the NSA to remotely access files, SMS messages, contacts, voicemail, location data and more, and to retrieve the data through text message or data connections.
Since the documents date back to 2008, when Apple was running a much earlier version of iOS, there is no indication of whether the backdoor was present in later devices or OSes. The document also said that the initial release could not install the implant remotely, but the capability would be pursued in future versions.
Apple’s official response to the news denies ever working with the NSA to create an iPhone backdoor, and that it was unaware of the NSA program targeting its products.
Other TAO spying tools include JETPLOW, which breaches Cisco firewalls; DEITYBOUNCE, which exploits Dell servers; and PICASSO, which collects user data from Samsung-model mobile phones. A full list of the documents detailing each NSA spying tool can be found here.