Apple has stated in an email to AFP that it "has never worked with the NSA to create a backdoor in any of our products, including iPhone".
Security researcher Jacob Applebaum told a security conference in Germany that a program named DROPOUTJEEP allowed the NSA to intercept SMS messages, access contact lists, locate a phone using cell tower data, access voice mail and even operate the iPhone's microphone and camera.
Apple said it is "continuously working to make our products even more secure, and we make it easy for customers to keep their software up to date with the latest advancements... and will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who's behind them."
Security researcher Graham Cluley wrote in a blog post that Applebaum's presentation and the documents show a "broader range of tools that the NSA apparently deploys against other technology companies and products, including HP servers, Cisco firewalls, Huawei routers, and so on."
A huge problem
DROPOUTJEEP was initially supposed to be installed via "close access methods," according to one of the NSA documents, from 2008, that was leaked by Der Spiegel. That suggests iPhones had to be physically close to get the snooping software on the devices.
Cluley wrote the document "does not mean that the NSA has complete control of your iPhone" because physical access to the device would be needed.
"It may be that they have since found unpatched vulnerabilities in iOS to install the spyware onto targeted devices remotely... but that's not what the leaked documents say," Cluley wrote.
Cluley also noted that the document dates from 2008. He added: "Let's hope that Apple has improved its software's security since 2008. And if it's not true, we've all got a huge problem."