Apple Warns of Potential State-Sponsored Attacks on iPhones in Armenia

Apple has reportedly issued targeted threat notifications to a number of iPhone users in Armenia. These alerts, which surfaced on October 30, 2023, coincided with similar warnings dispatched to several Indian political figures, flagging possible state-sponsored cyber attacks.

According to an investigative report by Armenian news outlet Media.am, the specific content of these warnings suggests that the devices could have been compromised by Pegasus spyware. This sophisticated intrusion software, attributed to the Israeli firm NSO Group, has been at the center of international espionage controversies, implicating government entities in the clandestine monitoring of individuals.

While Apple’s alert refrained from pinpointing the origins or confirming the deployment of NSO Pegasus, it conveys a significant threat level that merits immediate user action, Media.am reported.

The incidents come at a time of heightened vigilance by Apple, following widespread reports in recent years of state actors leveraging Pegasus spyware to snoop on journalists, activists, and political adversaries. Apple has previously engaged in legal battles with NSO Group, advocating for user privacy and security.

Media.am’s coverage delves into the potential scale of this cyber surveillance activity, suggesting that “the actual number of targets in Armenia could run into thousands, a figure that is challenging to pin down but nonetheless alarming.”

The news has prompted renewed attention to digital privacy concerns among the public and within the tech community. An anonymous source from within a government department in Armenia told Media.am on conditions of anonymity, “It appears to be a widespread issue. Our entire department has received the alert.”

Apple’s threat notifications, first introduced in 2021 as a response to the proliferation of state-backed cyber espionage, represent a concerted effort by the tech giant to alert and assist users in safeguarding their devices against unauthorized access and monitoring.

The alerts are formulated to provide users with actionable advice without stirring unnecessary panic, as exemplified in an example notification which states: “This may be a reoccurrence of previous hacking attempts, or a new issue. Regardless, we urge you to follow recommended security measures promptly.”

As of now, Apple has not issued any public statement regarding the specific incidents in Armenia and India beyond the alerts sent to individual users. The discerning nature of these alerts, selectively notifying those deemed at risk, indicates the serious nature of the threats identified by Apple’s security teams.

For users on the receiving end of such notifications, the message from Apple is clear: stay alert, update security protocols, and remain vigilant against potential cyber threats that continue to evolve in complexity and stealth.