Apple Alerts Activists and Journalists About State-Sponsored Malware Threats

Apple has issued warnings to several European Union citizens indicating that they are potential targets of state-sponsored spyware. This alert follows reports from the tech blog TechCrunch detailing that numerous users globally, spanning over 100 countries, have been affected by these threats. However, only two individuals have publicly confirmed their situations: a right-wing activist from the Netherlands and a journalist from Italy, leaving the full extent of the attacks and the identity of the perpetrators uncertain.

In previous instances, Apple has proactively communicated about detected spyware attacks on its users. The company utilizes multiple channels for these alerts, including iMessage notifications and emails sent to iCloud accounts. Additionally, information about potential threats is displayed when users log into their official Apple accounts. Apple also provides resources for civil society organizations and advises users on activating the lockdown mode, a feature designed to mitigate certain types of attacks.

Ciro Pellegrino, a journalist for the online publication Fanpage.it, reported that Apple informed him he was targeted by spyware. He expressed uncertainty regarding the identity of the attackers and the reasons behind the assault. His publication had previously faced similar threats from unknown sources. Another colleague of Pellegrino received a notification from WhatsApp earlier this spring, indicating an attempted spyware attack attributed to Paragon Solutions. Following this, two additional Italian activists focused on refugee issues also came forward.

Eva Vlaardingerbroek, the activist from the Netherlands, shared screenshots of Apple's warning. The company urged affected individuals to take the alert seriously, stating their confidence that the attacks were specifically aimed at these individuals due to their identities or actions. Vlaardingerbroek responded by asserting her determination not to be intimidated. Neither Pellegrino nor Vlaardingerbroek provided further details about their respective incidents to TechCrunch, but it is anticipated that more affected individuals may emerge in the weeks to come.

It remains unclear whether Apple has successfully thwarted these attacks. The notifications specifically mention the spyware product Pegasus, known for its advanced capabilities. Apple recommends that users affected by these threats promptly update their devices to iOS 18.4.1, which addresses critical security vulnerabilities that could be exploited by such malware. Similar updates for macOS and other Apple operating systems have also been released.