CIA May Be Trying To Hack Into Your iPhone, But Tim Cook Won't Let Them

Investigative journalists are painting a scary picture.

Last March, The Intercept released a comprehensive report detailing the CIA's "multi-year, sustained effort to break the security of Apple's iPhones and iPads."

This week, that news has become relevant again after Chinese app developers said the App Store had been infected with similar malware that the CIA had developed. 

The original report from March described a secret meeting called "Jamboree" where security researchers showed off their latest tricks for getting behind Apple products. U.S. government research has reportedly been trying its best to decrypt Apple's firmware for nearly a decade.

That news came to the public's ears while several major tech companies have openly pushed back against pressure from senior U.S. and U.K. government officials who want them to make their products more accessible. Perhaps the loudest amongst that group was Apple CEO Tim Cook.

"I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will," Cook said last September while announcing Apple's new privacy policy. "None of us should accept that the government or a company or anybody should have access to all of our private information. This is a basic human right. We all have a right to privacy. We shouldn't give it up. We shouldn't give in to scare-mongering."

Part of what The Intercept unveiled was that the security researchers had claimed to have developed a modified version of Xcode, Apple's "proprietary software development" tool. That tool is given to developers who make apps for the Apple store, but if they were to get the CIA-modified version, it could potentially "enable spies to steal passwords and grab messages on infected devices."

Now, though, the issue has been raised again. Just this week, The Intercept has followed up on the story with news that Chinese developers detected a malware called "XcodeGhost" inside the Apple store. Via The Intercept:

The malware, called XcodeGhost, works by corrupting Apple's Xcode software, which runs on Mac computers and compiles source code into apps that can run on iPhones, iPads, and other devices, before submitting them to the App Store. If a developer has XcodeGhost installed on their computer, apps that they compile include malware without the developer realizing it. Although XcodeGhost is the first malware to spread this way in the wild, the techniques it uses were previously developed and demonstrated by Central Intelligence Agency researchers at the CIA's annual top-secret Jamboree conference in 2012. Using documents from NSA whistleblower Edward Snowden, The Intercept's Jeremy Scahill and Josh Begley described the CIA's Xcode project in a story published in March.

At least 50 apps inside the App Store have been infected, according to the security firm Palo Alto Networks. One of those apps is WeChat, an extremely well known app used for messaging that is primarily used in Asia. The apps that are infected will do things like pop up prompts asking for your iCloud password.  

If that sounds scary, it's because it is. 


Subscribe to our newsletter and get the latest news and exclusive updates.