Apple Alerts Iranians of Government Spyware Targeting iPhones
Recently, Apple has notified more than a dozen Iranians that their iPhones were targeted with government spyware, as reported by security researchers. Miaan Group, a digital rights organization focusing on Iran, along with Hamid Kashfi, an Iranian cybersecurity researcher based in Sweden, spoke with individuals who received these notifications over the past year.
The news was initially covered by Bloomberg, shedding light on the spyware notifications targeting Iranians. Miaan Group published a report addressing the state of cybersecurity for civil society in Iran, revealing three cases of government spyware attacks against Iranians. These attacks, two within Iran and one in Europe, were brought to light in April of this year.
According to Amir Rashidi, director of digital rights and security at Miaan Group, two of the victims in Iran come from a family with a history of political activism against the Islamic Republic. Rashidi believes there have been multiple waves of attacks and that further investigations are necessary to uncover the full extent of the situation. He suspects that Iran is likely behind these attacks, as members of civil society are the primary targets.
Hamid Kashfi, founder of the security firm DarkCell, assisted two victims with initial forensics steps but was unable to pinpoint the specific spyware maker responsible. Some victims opted not to pursue further investigation due to the sensitive nature of the case and concerns about their workplace.
Contact Us
Have you received a threat notification from Apple? Feel free to contact us securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email.
Apple has been sending notifications to individuals targeted with government spyware, such as NSO Group’s Pegasus or Paragon’s Graphite, in recent years. This form of malware, also known as “mercenary” or “commercial” spyware, has been a growing concern globally.
These notifications have been instrumental in helping security researchers document cases of abuse in various countries, including India, El Salvador, and Thailand. Apple’s support page for “threat notifications” highlights the company’s efforts to notify users in over 150 countries since 2021, underscoring the widespread use of government spyware.
To assist victims, Apple recommends reaching out to digital rights group AccessNow, which operates a helpline staffed with researchers who investigate spyware attacks. AccessNow has been actively documenting instances of spyware misuse worldwide.
Despite these efforts, Apple has not provided a comment on the notifications sent to Iranians. The ongoing battle against government spyware continues to be a significant challenge for individuals and organizations worldwide.
