Apple Outlines How It Will Notify Users Who Have Been Targeted by State-Sponsored Spyware Attacks

by

Earlier today, Apple announced that it had filed suit against NSO Group, the firm responsible for the Pegasus spyware that has been used in state-sponsored surveillance campaigns in a number of countries. NSO Group seeks to take advantage of vulnerabilities in iOS and other platforms to infiltrate the devices of targeted users such as journalists, activists, dissidents, academics, and government officials.

apple security banner
As part of its announcement, Apple revealed that it is notifying the "small number of users" who have been targeted via the FORCEDENTRY exploit for a now-patched vulnerability that allowed Pegasus to be installed on their devices. Apple also said that it will continue to notify users it believes have been targeted by state-sponsored spyware attacks "in accordance with industry best practices," and the company has now shared a new support document outlining how it will notify those users.

Notifications will be delivered to affected users via email and iMessage notifications to the addresses and phone numbers associated with the users' Apple IDs, with the notifications providing additional steps users can take to protect their devices. A prominent "Threat Notification" banner will also be displayed at the top of the page when affected users log into their accounts on the Apple ID web portal.

apple id threat notification
Users will never be asked to click links or install apps via the email and iMessage notifications, so users receiving notifications should always log into their ‌Apple ID‌ accounts on the web to verify that threat notifications have been issued for their accounts and to learn what to do next.

Apple acknowledges that there may be some false alarms with its notifications and that some attacks may go undetected, as it is facing constantly evolving tactics from state-sponsored attackers. Apple's threat-detection methods will similarly evolve, and so the company will not be sharing information on its methods to hinder efforts by attackers to evade detection.

Regardless of whether or not you receive a threat notification from Apple, the company advises all users to take the following steps to secure their devices:

  • Update devices to the latest software, as that includes the latest security fixes
  • Protect devices with a passcode
  • Use two-factor authentication and a strong password for ‌Apple ID‌
  • Install apps from the App Store
  • Use strong and unique passwords online
  • Don’t click on links or attachments from unknown senders

Finally, Apple shares a list of emergency resources at the Consumer Reports Security Planner website for those users who have not received an Apple threat notification but believe they may have been targeted by state-sponsored attackers to obtain expert assistance.

Note: Due to the political or social nature of the discussion regarding this topic, the discussion thread is located in our Political News forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Tag: Security

Popular Stories

iPhone SE 4 Vertical Camera Feature

iPhone SE 4 Rumored to Use Same Rear Chassis as iPhone 16

Friday July 19, 2024 7:16 am PDT by
Apple will adopt the same rear chassis manufacturing process for the iPhone SE 4 that it is using for the upcoming standard iPhone 16, claims a new rumor coming out of China. According to the Weibo-based leaker "Fixed Focus Digital," the backplate manufacturing process for the iPhone SE 4 is "exactly the same" as the standard model in Apple's upcoming iPhone 16 lineup, which is expected to...
Read Full Article136 comments
iPhone 16 Pro Sizes Feature

iPhone 16 Series Is Just Two Months Away: Everything We Know

Monday July 15, 2024 4:44 am PDT by
Apple typically releases its new iPhone series around mid-September, which means we are about two months out from the launch of the iPhone 16. Like the iPhone 15 series, this year's lineup is expected to stick with four models – iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max – although there are plenty of design differences and new features to take into account. To bring ...
Read Full Article129 comments
bsod

Crowdstrike Says Global IT Outage Impacting Windows PCs, But Mac and Linux Hosts Not Affected

Friday July 19, 2024 3:12 am PDT by
A widespread system failure is currently affecting numerous Windows devices globally, causing critical boot failures across various industries, including banks, rail networks, airlines, retailers, broadcasters, healthcare, and many more sectors. The issue, manifesting as a Blue Screen of Death (BSOD), is preventing computers from starting up properly and forcing them into continuous recovery...
Read Full Article492 comments
iphone 14 lineup

Cellebrite Unable to Unlock iPhones on iOS 17.4 or Later, Leak Reveals

Thursday July 18, 2024 4:18 am PDT by
Israel-based mobile forensics company Cellebrite is unable to unlock iPhones running iOS 17.4 or later, according to leaked documents verified by 404 Media. The documents provide a rare glimpse into the capabilities of the company's mobile forensics tools and highlight the ongoing security improvements in Apple's latest devices. The leaked "Cellebrite iOS Support Matrix" obtained by 404 Media...
Read Full Article66 comments
Apple Watch Series 9

2024 Apple Watch Lineup: Key Changes We're Expecting

Tuesday July 16, 2024 7:59 am PDT by
Apple is seemingly planning a rework of the Apple Watch lineup for 2024, according to a range of reports from over the past year. Here's everything we know so far. Apple is expected to continue to offer three different Apple Watch models in five casing sizes, but the various display sizes will allegedly grow by up to 12% and the casings will get taller. Based on all of the latest rumors,...
Read Full Article38 comments
tinypod apple watch

TinyPod Turns Your Apple Watch Into an iPod

Wednesday July 17, 2024 3:18 pm PDT by
If you have an old Apple Watch and you're not sure what to do with it, a new product called TinyPod might be the answer. Priced at $79, the TinyPod is a silicone case with a built-in scroll wheel that houses the Apple Watch chassis. When an Apple Watch is placed inside the TinyPod, the click wheel on the case is able to be used to scroll through the Apple Watch interface. The feature works...
Read Full Article133 comments

Top Rated Comments

ian87w Avatar
ian87w
35 months ago
Good work Apple, and hopefully Apple can realize that its own mass scanning system is actually a risk to the security and privacy it's trying to protect.
Score: 28 Votes (Like | Disagree)
Gnattu Avatar
Gnattu
35 months ago

Will Apple also notify us when we are targeted by Apple created spyware attacks?
One example being CSAM.

No Apple will not . . . willingly. Once exposed by the public, Apple will try to make excuses to justify their own developed spyware.
Except they notified the public?:confused:
Score: 20 Votes (Like | Disagree)
max2 Avatar
max2
35 months ago
Cool!

Way to go Apple.
Score: 19 Votes (Like | Disagree)
steve09090 Avatar
steve09090
35 months ago

Will Apple also notify us when we are targeted by Apple created spyware attacks?
One example being CSAM.

No Apple will not . . . willingly. Once exposed by the public, Apple will try to make excuses to justify their own developed spyware.
How is CSAM spyware when they have been very open in telling people what it was and how it would work?
Score: 13 Votes (Like | Disagree)
btbeme Avatar
btbeme
35 months ago
Serious about security and privacy. Serious enough to take on State players head-on.

While this really only affects a few dozen people globally, it is a signature for what governments and their minions are ready, capable, and willing to do. You can keep pretending that “you have nothing to hide” while your privacy (and many international and Constitutional laws) get whittled away… or you can stand up to this.

And don’t think for a minute that certain social media avenues aren’t part of this… willfully or not.
Score: 13 Votes (Like | Disagree)
goobot Avatar
goobot
35 months ago

It's important to boycott Israel, which is responsible for this software, as well:

https://www.nytimes.com/2021/11/08/world/middleeast/nso-israel-palestinians-spyware.html


If Apple can stop selling its products in Turkey because of economic concerns, it can certainly stop selling products in Israel for software concerns.
Lmao, let’s boycott a country because It has a company I don’t like, let’s boycott America cause Facebook exist and every other country in the world cause they all have only good players
Score: 11 Votes (Like | Disagree)
Read All Comments