Just hours after launching a lawsuit against Israeli spyware company NSO Group, Apple reportedly sent a threat notification alert to all victims of state-sponsored hackers in El Salvador, Thailand, and Uganda.
Apple Issues an Alert
According to Reuters, the notification was sent to at least six Thai activists and researchers who have been critical of the government, including Prajak Kongkirati, a political scientist at Bangkok’s Thammasat University, Sarinee Achananuntakul, a researcher, and Yingcheep Atchanont, a Thai activist with the legal monitoring group iLaw.
According to TechCrunch, Citizen Lab, which records all illegal hacking and surveillance, uncovered a Pegasus spyware operator active in Thailand in 2018.
The alerts, which Apple stated were designed to notify and assist consumers who may have been targeted by state-sponsored attackers, were also issued to other El Salvador users.
This includes 12 staffers from El Faro, a highly critical online digital newspaper, as well as two leaders of civil society organizations and two opposition lawmakers.
The Democratic Party of Uganda’s president, Norbert Mao, also announced on Twitter that he had received the threat letter from Apple.
Apple advises consumers that it believes they are being targeted by state-sponsored attackers attempting to remotely exploit iPhones connected with specific Apple IDs.
These attackers are specifically targeting users based on who they are or what they do. If a state-sponsored attacker compromises the device, they may be able to remotely access critical data, conversations, or even the microphone and camera.
While it is possible that the warning is a false alarm, Apple encourages customers to take it seriously.
NSO Group sues Apple
According to the BBC, Apple sued NSO Group on November 22 to seek a permanent injunction to ban the Pegasus spyware developer from using any Apple equipment in their activity.
This would make it more difficult for NSO Group to identify and exploit flaws in iPhone software and hence hack the targets.
Ivan Krstic, Apple’s security head, stated that the steps they are taking today will send a clear message that it is not acceptable in a free society to weaponize sophisticated state-sponsored spyware against those who aspire to make the world a better place.
Krstic went on to say that Apple has one of the most comprehensive security engineering organizations in the world, and that they would continue to work relentlessly to safeguard customers from abusive state-sponsored actors such as NSO Group.
What exactly is Pegasus Spyware?
Pegasus is malware created by a private firm for government agencies to utilize. According to The Verge, the application infects a victim’s phone and transmits back data such as messages, images, audio, and video recordings.
The developer of Pegasus, an Israeli firm named NSO Group, claims that the program cannot be traced back to the government utilizing it, which is a critical characteristic for clandestine operations.
In a nutshell, NSO Group creates solutions that allow governments to spy on citizens. On its website, the company characterizes its products’ function as assisting government intelligence and law-enforcement organizations in using technology to face the obstacles of encryption during criminal investigations and terrorism.
As you might expect, civil rights advocates are upset about the spyware-for-hire business, and limiting it to government clients does little to alleviate their concerns.