Apple’s new warning system against state spyware attacks is already active: at least six activists and scientists in Thailand who are considered critical of the government have received corresponding warnings, such as the news agency Reuters reported on Wednesday. The iPhone users were informed by email and in some cases also via iMessage.
The letter states that Apple has reason to believe that state-sponsored attackers want to compromise the iPhones of the customers notified – and may already be able to monitor their communication, access sensitive data and control cameras and microphones remotely. One of the recipients of the spyware alert is loud Reuters among others a political scientist at a university in Bangkok, employee of a Thai human rights organization and a local opposition politician.
It could be a “false alarm”, but the warning should still be taken seriously, stressed the US company in its communications. As an immediate countermeasure, Apple recommends updating to the latest version iOS 15.1.1 and contacting security experts. The spyware attacks detected are “ineffective” against the latest version of iOS, the company believes. Apple is still delivering security updates for iOS 14 (and iOS 12), but weaknesses can apparently remain open in the older systems.
Spyware attacks via Apple’s iMessage infrastructure
Apple sued the Israeli spyware manufacturer NSO Group on Tuesday after several targeted attacks on iPhones were documented – which were carried out, among other things, via the communication service iMessage and thus Apple’s server, as the company lists in the complaint. Following this, Apple announced that it wanted to inform users about such targeted spyware attacks on behalf of the state.