Along with 91 other countries, Apple has sent a new wave of danger alerts to some of its users in India, alerting them to the possibility that their iPhone was compromised by “mercenary spyware,” which includes the infamous Pegasus virus from the Israeli NSO Group.
Apple has not assigned blame to any stakeholder for the latest round of assaults. It had previously sent a similar alert in October of last year to opposition figures from all political parties, including Mahua Moitra of the TMC, Shashi Tharoor of Congress, and Raghav Chadha of the AAP, alerting them to a “potential state-sponsored spyware attack” on their iPhones.
The business then emphasised that it “does not attribute the threat notifications to any specific state-sponsored attacker” in response to government pressure.
The afflicted customers in India received the threat notice emails on Thursday, April 11, at about 12.30 am IST. How many individuals have really gotten Apple’s danger notice is unknown. The email also makes reference to the Pegasus malware developed by the NSO-Group, claiming that such tools are often used to target individuals all around the world.
The danger notice’s subject line states, “ALERT: Apple detected a targeted mercenary spyware attack against your iPhone.”
“Apple has discovered that the iPhone linked to your Apple ID -xxx- is the subject of a mercenary malware assault that aims to remotely corrupt it. You are probably the specific target of this attack because of who you are or what you do. The email message said, “Please take this warning carefully, since Apple has high confidence in its ability to identify such assaults, even though 100% assurance can never be achieved in this regard.
Attacks with mercenary spyware, such the ones that use Pegasus from the NSO Group, are incredibly uncommon and far more advanced than typical cybercrime or consumer malware. The targeting is ongoing and worldwide, but the attacks are expensive and targeted at a relatively limited number of individuals, according to Apple’s danger report.
Users were warned by the firm not to open any links or attachments from senders they were not expecting or were not familiar with. The business stated that because disclosing further details may enable mercenary spyware attackers to “adapt their behaviour to evade detection in the future,” it was unable to provide the reason behind the warning notification.
Additionally, Apple has made changes to its help website, adding advice for those who could have been the targets of the mercenary spyware assault. “The purpose of Apple threat notifications is to alert and support users who might have been specifically targeted by mercenary spyware attacks, probably due to their identity or activity,” the manufacturer of iPhones stated.
These security alerts were first sent by Apple in 2021, and people in 150 countries have since received them. Last year, when the notice was delivered, at least twenty Indians who had iPhones got it.
Previous research on comparable problems has shown few results. A committee of technical specialists was established by the Supreme Court in 2021 to investigate claims of unlawful monitoring via the Pegasus programme, which was created by the Israeli company NSO Group.
Following media allegations of the unlawful use of the software to tap certain activists’, journalists’, and politicians’ phones, the Pegasus issue emerged. A number of petitions asking for an investigation into the accusations were subsequently submitted to the Supreme Court.
The technical expert committee reported in August 2022 that while it had not discovered any concrete proof of the use of spyware in the phones it had looked at, the Central Government “had not cooperated” with the panel.
