Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

British spy agency said to target Apple's iPhone with remote surveillance exploit kit

Source: The Guardian

Last updated

The U.K.'s Government Communications Headquarters has reportedly developed a set of iPhone exploits that can turn Apple's handsets into live, remotely-accessible microphones and GPS trackers, according to new documents from NSA leaker Edward Snowden.


Slides from a top-secret 2010 presentation published by The Guardian provide a brief glimpse into the capabilities of GCHQ's so-called "Warrior Pride" spy kit, which gives the agency wide-ranging access to infected devices. The revelation comes amidst reports that both GCHQ and the NSA are scouring data transmitted over the internet from smartphone apps such as Google Maps and Twitter to glean personally-identifiable information like age, location, and even sexual orientation.

Warrior Pride is said to come with several plugins —  named as characters from the animated series "The Smurfs" —   which allow agents to control various device systems.

"Dreamy Smurf" allows a device that is seemingly powered down to be covertly activated, "Nosey Smurf" enables eavesdropping via the device's microphone, and "Tracker Smurf" provides high-precision location data. Yet another plugin, "Paranoid Smurf," provides self-protection capabilities for the toolkit.

A fifth plugin — dubbed "Porus" —  is referred to as providing "kernel stealth" capabilities. This could mean that the spyware is embedded in a manner similar to a rootkit, and might re-install itself automatically after being wiped.

In addition, the slide touts GCHQ's ability to retrieve content like SMS, e-mail, videos, photos, and web history from the device. "If its [sic] on the phone, we can get it," the slide reads.

It is unclear whether the installation of the toolkit requires physical access to a device, as a similar NSA program outed late last year did. It does appear that the GCHQ version is further along —  the slide says Warrior Pride has been ported to the iPhone, while it has yet to be confirmed whether the NSA's variant ever moved past the contemplative stage.



51 Comments

steven n. 13 Years · 1229 comments

So we are talking iOS 3 exploits here?

gatorguy 13 Years · 24627 comments

Before the arguments over whose ecosystem is more secure even starts it's plain none truly are. Spying on iOS looks to be just as easy as spying on Android or Blackberry or desktops systems. Instead of wasting time trying to make this platform look worse than that platform, or claiming this one isn't as leaky at another we should be discussing what should or can be done to minimize it altogether. The spying and data collection hits every OS equally, and apparently none are currently immune. Even more concerning and not necessarily related to the NSA: When simply uploading a photo allows location data to be harvested, venues identified, faces matched to names, friends and acquaintances associated with your profile, personal interests revealed, then perhaps it's time to step back a bit and look at what we're really doing to ourselves.

gatorguy 13 Years · 24627 comments

[quote name="Steven N." url="/t/161794/british-spy-agency-said-to-target-apples-iphone-with-remote-surveillance-exploit-kit#post_2463990"]So we are talking iOS 3 exploits here?[/quote] Not likely. Instead they've almost assuredly improved their spying capabilities several times over in the 5 years since.

muppetry 13 Years · 3319 comments

Agency development of these kinds of targeted tools is neither surprising nor nearly as much concern as indiscriminate, widespread data collection. It's their job to have tools available for covert surveillance. The issue is whether they follow legal process in deploying them, and whether said process is reasonable and, in countries that have such a thing, constitutional.