My understanding with the Egypt iPhone exploit case recently is the mobile carrier likely had a role (Vodafone Egypt). Quite possible US Intel agencies could do the same under FISA and CALEA policies with phones connected to US carrier wireless networks, especially in FISA case if communication is with a foreign surveillance target.