**Apple Alerted Iranian Dissidents About iPhone Spyware Threat Months Prior to War Outbreak**
In the weeks preceding the recent conflict between Israel and Iran, a complex scheme to infiltrate iPhones owned by Iranians both inside and outside of Iran was discovered. A recent report from Bloomberg indicates that over a dozen individuals were targeted, with some receiving notifications from Apple regarding the attempts. These alerts are part of Apple’s threat notification initiative, which is described below.
The hacking campaign appears to be widespread, with a human rights organization estimating that it has pinpointed only a small percentage of the actual targets. The identity of those responsible remains uncertain. Some of the individuals targeted are associated with the Iranian government, suggesting possible involvement from Israel or the U.S., or even a collaborative effort, reminiscent of the Stuxnet cyber operation against Iran’s nuclear capabilities. In contrast, some targets are Iranian dissidents opposing the existing regime, hinting at potential participation by the Iranian government itself. Iranian hacking groups are recognized for their technical prowess, with Lookout emphasizing the activities of MuddyWater, a group tied to Iran’s intelligence agencies, which created advanced Android malware known as DCHSpy.
The attack relied on sophisticated zero-day, zero-click exploits, which are estimated to have cost millions to develop. The attack pathways were characterized as “remarkably uncommon.”
**Apple’s Threat Notification Initiative**
Initiated in 2021, Apple’s threat notification initiative warns individuals when their iPhone could be compromised in a deliberate attack. The program concentrates on intricate attacks targeting individuals based on their identities and political activities, such as journalists covering oppressive regimes. Apple has dispatched notifications to users across more than 150 nations, underscoring the significant expense and complexity of mercenary spyware operations.
Apple notifies potentially affected users via email and text messages, recommending they verify the alert by logging into their Apple account.
**A Suggested Measure: Lockdown Mode**
Users have the option to activate Lockdown Mode, which was introduced with iOS 16, to bolster device security by disabling certain iOS features. In Lockdown Mode, message attachments are not accessible, web technologies are blocked, FaceTime calls are limited, and invitations to Apple services are restricted. Shared photos do not include location data, and shared albums are removed.
**Apple Takes Advanced Malware Extremely Seriously**
Apple’s dedication to fighting advanced malware is widely recognized. In 2021, Apple initiated legal action against the NSO Group, a security research firm based in Israel, regarding its Pegasus spyware. The NSO Group developed sophisticated hacking instruments, including one that utilized three zero-day vulnerabilities to seize control of devices without user intervention.
Apple and the NSO Group were locked in a continual cycle of malware deployment and software updates. Ultimately, Apple sued the NSO Group, with Craig Federighi emphasizing the necessity for accountability in state-sponsored surveillance tools. Although Apple withdrew the lawsuit last year, its commitment to securing iPhones remains steadfast.