The news comes via security researcher Jacob Applebaum and German news outlet Der Spiegel, with the revelation being that an NSA program called DROPOUTJEEP allows the agency to collect SMS messages, location data and other information from an iPhone without touching it once a software implant has been installed. Currently that requires access to the device in question, though an updated release was being worked on that would allow remote installation.
"DROPOUTJEEP is a software implant for the Apple iPhone that utilizes modular mission applications to provide specific SIGINT functionality. This functionality includes the ability to remotely push/pull files from the device, SMS retrieval,contact list retrieval, voicemail, geolocation, hot mic, camera capture, cell tower location, etc. Command, control, and data exfiltration can occur over SMS messaging or a GPRS data connection. All communications with the implant will be covert and encrypted."