Apple Outlines How It Will Notify Users Who Have Been Targeted by State-Sponsored Spyware Attacks

Earlier today, Apple announced that it had filed suit against NSO Group, the firm responsible for the Pegasus spyware that has been used in state-sponsored surveillance campaigns in a number of countries. NSO Group seeks to take advantage of vulnerabilities in iOS and other platforms to infiltrate the devices of targeted users such as journalists, activists, dissidents, academics, and government officials.

apple security banner
As part of its announcement, Apple revealed that it is notifying the "small number of users" who have been targeted via the FORCEDENTRY exploit for a now-patched vulnerability that allowed Pegasus to be installed on their devices. Apple also said that it will continue to notify users it believes have been targeted by state-sponsored spyware attacks "in accordance with industry best practices," and the company has now shared a new support document outlining how it will notify those users.

Notifications will be delivered to affected users via email and iMessage notifications to the addresses and phone numbers associated with the users' Apple IDs, with the notifications providing additional steps users can take to protect their devices. A prominent "Threat Notification" banner will also be displayed at the top of the page when affected users log into their accounts on the Apple ID web portal.

apple id threat notification
Users will never be asked to click links or install apps via the email and iMessage notifications, so users receiving notifications should always log into their ‌Apple ID‌ accounts on the web to verify that threat notifications have been issued for their accounts and to learn what to do next.

Apple acknowledges that there may be some false alarms with its notifications and that some attacks may go undetected, as it is facing constantly evolving tactics from state-sponsored attackers. Apple's threat-detection methods will similarly evolve, and so the company will not be sharing information on its methods to hinder efforts by attackers to evade detection.

Regardless of whether or not you receive a threat notification from Apple, the company advises all users to take the following steps to secure their devices:

  • Update devices to the latest software, as that includes the latest security fixes
  • Protect devices with a passcode
  • Use two-factor authentication and a strong password for ‌Apple ID‌
  • Install apps from the App Store
  • Use strong and unique passwords online
  • Don’t click on links or attachments from unknown senders

Finally, Apple shares a list of emergency resources at the Consumer Reports Security Planner website for those users who have not received an Apple threat notification but believe they may have been targeted by state-sponsored attackers to obtain expert assistance.

Note: Due to the political or social nature of the discussion regarding this topic, the discussion thread is located in our Political News forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Top Rated Comments

ian87w Avatar
6 days ago at 08:52 pm
Good work Apple, and hopefully Apple can realize that its own mass scanning system is actually a risk to the security and privacy it's trying to protect.
Score: 28 Votes (Like | Disagree)
Gnattu Avatar
6 days ago at 10:13 pm

Will Apple also notify us when we are targeted by Apple created spyware attacks?
One example being CSAM.

No Apple will not . . . willingly. Once exposed by the public, Apple will try to make excuses to justify their own developed spyware.
Except they notified the public?:confused:
Score: 20 Votes (Like | Disagree)
max2 Avatar
6 days ago at 08:34 pm
Cool!

Way to go Apple.
Score: 19 Votes (Like | Disagree)
steve09090 Avatar
6 days ago at 10:32 pm

Will Apple also notify us when we are targeted by Apple created spyware attacks?
One example being CSAM.

No Apple will not . . . willingly. Once exposed by the public, Apple will try to make excuses to justify their own developed spyware.
How is CSAM spyware when they have been very open in telling people what it was and how it would work?
Score: 14 Votes (Like | Disagree)
btbeme Avatar
6 days ago at 09:05 pm
Serious about security and privacy. Serious enough to take on State players head-on.

While this really only affects a few dozen people globally, it is a signature for what governments and their minions are ready, capable, and willing to do. You can keep pretending that “you have nothing to hide” while your privacy (and many international and Constitutional laws) get whittled away… or you can stand up to this.

And don’t think for a minute that certain social media avenues aren’t part of this… willfully or not.
Score: 13 Votes (Like | Disagree)
goobot Avatar
6 days ago at 12:12 am

It's important to boycott Israel, which is responsible for this software, as well:

https://www.nytimes.com/2021/11/08/world/middleeast/nso-israel-palestinians-spyware.html


If Apple can stop selling its products in Turkey because of economic concerns, it can certainly stop selling products in Israel for software concerns.
Lmao, let’s boycott a country because It has a company I don’t like, let’s boycott America cause Facebook exist and every other country in the world cause they all have only good players
Score: 11 Votes (Like | Disagree)

Related Stories

nso israeli surveillance firm

Apple Aims to Cut Down on Spyware With Lawsuit Against NSO Group

Tuesday November 23, 2021 10:09 am PST by
Apple today announced that it has filed a lawsuit against Israeli firm NSO Group and its parent company with the aim of holding it accountable for targeting Apple users with spyware used for surveillance purposes. In the lawsuit, Apple offers up information on how NSO Group infiltrated the devices of iPhone owners and how it utilized the Pegasus spyware to do so. Apple is asking for a...
apple id website 1

Apple ID Website Gets Design Overhaul

Thursday November 4, 2021 10:19 am PDT by
Apple has redesigned its Apple ID website, introducing an entirely new look that's much more modern and clean than the prior design that was used. The Apple ID landing page has been updated with a new dot and Apple logo design, along with information on what the Apple ID website can be used for. The prior design was graphics heavy, featuring a large banner with people using various Apple...
macbook pro sizes space gray

DoJ Arrests Hacker Involved With REvil Group That Stole Apple's MacBook Pro Schematics

Monday November 8, 2021 4:28 pm PST by
The United States Justice Department today announced that it has arrested Ukrainian Yaroslav Vasinskyi for his involvement with REvil, a group that executed ransomware attacks against businesses and government entities in the United States. REvil in April targeted Apple supplier Quanta Computer and stole schematics of the design of the 14 and 16-inch MacBook Pro models that were later...
Twitter Feature

Twitter Investigating Bug Causing Unexpected Logouts on iOS 15

Wednesday November 24, 2021 9:28 am PST by
Twitter Support has acknowledged a bug causing unexpected account logouts on iOS 15, promising that its teams are working on a fix and that it'll keep users updated on when it's resolved. Posts on Twitter over the last several hours have shown users experiencing the bug, with some sharing frustrations that the app is requiring them to log back into Twitter upon every app launch. While some...
apple wallet drivers license feature

Apple Delays iOS 15 Feature for Adding Your Driver's License to Your iPhone Until Early 2022

Tuesday November 23, 2021 9:35 am PST by
Apple recently updated its website to indicate that an upcoming iOS 15 and watchOS 8 feature that will let you add your driver's license or state ID to your iPhone and Apple Watch in participating U.S. states has been delayed until early 2022. Apple previously said the feature would launch in late 2021. In September, Apple said Arizona and Georgia would be among the first states to introduce ...
app store blue banner

Apple Says iOS is Safer Than Android Because Sideloading Apps Isn't Allowed

Wednesday October 13, 2021 5:00 am PDT by
In response to the European Commission's proposed Digital Markets Act, which could force sideloading of apps on the iPhone in Europe, Apple has shared an in-depth document highlighting the security and privacy risks of sideloading. Sideloading refers to installing apps outside of the App Store, such as from a website or a third-party app store. Apple's document, titled Building a Trusted...
firefox lockwise password app padded

Mozilla Ending Support for Firefox Lockwise Password Manager in December

Wednesday November 24, 2021 3:42 am PST by
Mozilla has told users of its Lockwise password management app that it will officially end support for the app on December 13. While the password manager will continue to work after that date, it will no longer receive support or security updates. Lockwise began life in 2018 as Lockbox, an open-source mobile app for iOS, Android, and desktop that allowed users to access login credentials and ...
do not disturb feature removed

iOS 15 Removes Do Not Disturb Option That Silenced Notifications Only When iPhone Was Locked

Tuesday September 21, 2021 1:22 pm PDT by
With iOS 15, Apple expanded the Do Not Disturb feature from iOS 14 into a full Focus Mode option that's designed to allow users to set up different scenarios to manage their incoming notifications. Focus Mode is handy because it lets you decide exactly what alerts and apps you want to see at home, while at work, when sleeping, when exercising, and in other situations, but as Reddit users...
Mac App Store General Feature

Apple's Arguments Against Sideloading on iOS: All Your Questions Answered

Thursday November 11, 2021 10:38 am PST by
Sideloading is a fancy word for downloading an app binary from non-official platforms or the open internet and installing it on a device like a normal app. The practice is allowed on Android, granting users the flexibility of downloading apps from official or non-official app stores and the open internet. The iPhone, on the other hand, is a polar opposite. Since the launch of the App Store...
apple tv keyboard notification iphone tight

iOS 15 Doesn't Offer a Way to Disable Apple TV Keyboard Notifications

Wednesday September 29, 2021 11:56 am PDT by
iOS 15 was released last week with a long list of new features, but there is one change that is proving to be an annoyance to users. On the Apple TV, users who prefer not to input text using the Siri Remote can use a nearby iPhone or iPad to type. Whenever a text field appears on the Apple TV, a notification appears on the iPhone or iPad, and after tapping the notification, users can use the ...