Multiple top leaders of India’s opposition parties and several journalists received a notification from US-based tech giant Apple on Monday night, saying that “Apple believes you are being targeted by state-sponsored attackers who are trying to remotely compromise the iPhone associated with your Apple ID ….”
the email header read, “ALERT: State-sponsored attackers may be targeting your iPhone”.
Received a message from Apple that state-sponsored attackers are targeting my phone
— KTR (@KTRBRS) October 31, 2023
It’s of course not at all a surprise as we know BJP can stoop to any lows to attack the opposition leaders pic.twitter.com/7nadb2BYEo
The email further read, “Apple believes you are being targeted by state-sponsored attackers who are trying to remotely compromise the iPhone associated with your Apple ID. These attackers are likely targeting you individually because of who you are or what you do. If your device is compromised by a state-sponsored attacker, they may be able to remotely access your sensitive data, communications, or even the camera and microphone.”
“While it’s possible this is a false alarm, please take this warning seriously.”, it added.
While the language of Apple’s warning is identical to what the phone manufacturer has used in the past to alert victims of spyware around the world, the fact that at least five persons in India received the same alert at the same time (11:45 pm on October 30, 2023) suggests those being targeted are part of an India-specific cluster.
Apple’s Response:
In a statement on Tuesday, clarifying Apple said, “Apple does not attribute the threat notifications to any specific state-sponsored attacker.”
The company further added, “State-sponsored attackers are very well-funded and sophisticated, and their attacks evolve over time. Detecting such attacks relies on threat intelligence signals that are often imperfect and incomplete.”
Further, the company noted that “It’s possible that some Apple threat notifications may be false alarms, or that some attacks are not detected. We are unable to provide information about what causes us to issue threat notifications, as that may help state-sponsored attackers adapt their behavior to evade detection in the future.”
These threat notifications were enabled by the company in 2021, and since then such notifications have reportedly been sent to individuals in nearly 150 countries.
Apple has not provided any information regarding whether the Indian government inquired about these alerts or if they intend to disclose further details on their method for detecting these hacking attempts if requested.
List of prominent people who received the alert message:
People who received the alert message-:
- Mahua Moitra (Trinamool Congress MP)
- Priyanka Chaturvedi (Shiv Sena UBT MP)
- Raghav Chadha (AAP MP)
- Shashi Tharoor (Congress MP)
- Asaduddin Owaisi (AIMIM MP)
- Sitaram Yechury (CPI(M) general secretary and former MP)
- Pawan Khera (Congress spokesperson)
- Akhilesh Yadav (Samajwadi Party president)
- Siddharth Varadarajan (Founding editor, The Wire)
- Sriram Karri (Resident Editor, Deccan Chronicle)
- Samir Saran (President, Observer Research Foundation)
- Revathi (Independent journalist)
- K.C. Venugopal (Congress MP)
- Supriya Sule (NCP MP)
- Anand Mangnale (Regional Editor, South Asia, OCCRP)
- Multiple people who work in Congress MP Rahul Gandhi’s office
- Revanth Reddy (Congress MP)
- T.S. Singhdeo (Chhattisgarh deputy CM and Congress leader
- Ravi Nair (Independent journalist)
- KT Rama Rao (Telangana minister and BRS leader)
Congress leader Rahul Gandhi did a press conference with a full print of the threat email
Central Government’s Reaction:
On Tuesday, the Union government said it would launch an investigation into the alerts though the Minister for Electronics and Information Technology Ashwini Vaishnaw described Opposition claims of snooping as “vague”.
“I would like to clearly say that the Government is very concerned about this issue and that we will get to the bottom of this,” Mr. Vaishnaw said. “This country has compulsive critics who wake up every day to criticize the Government on any given issue. These people cannot stand seeing this country’s progress.”
“We have asked Apple to cooperate in the investigation because this is a matter of great concern to us,” Mr. Vaishnaw added.
Recalling Pegasus:
In July 2021, a global collaborative investigative project reported that a spyware called Pegasus, developed by an Israeli cybersecurity company called NSO Group, which was sold only to government agencies, was allegedly used on more than a dozen phones in India, of politicians, journalists, human rights defenders, and others, it had been infected with the Israeli spyware which hundreds more had likely been targeted.
On October 27, 2021, a three-judge Bench of the Supreme Court led by then Chief Justice of India (CJI) N V Ramana appointed an Expert Committee headed by Justice R V Raveendran (retd) to look into the allegations in the Pegasus spyware case,
The government has not explicitly denied that it has used Pegasus, and did not participate in a Supreme Court-led investigation into the matter.
On August 25, 2022, the top court recorded in its order that the expert committee found no conclusive evidence for the use of the NSO Group’s Pegasus spyware in the phones that it examined. The court also noted that the Centre “has not cooperated” with the panel..
However, import data uncovered by OCCRP showed that the Intelligence Bureau, under the Ministry of Home Affairs, had imported equipment from the NSO Group in 2017. The OCCRP’s South Asia editor, Anand Mangnale, also received an alert from Apple about being targeted by state-backed attackers
The U.K.-based Financial Times(FT) has reported that since the NSO Group shut down, Indian officials have been seeking spyware vendors who can match Pegasus’ capabilities. The Indian government is scouring the globe for spyware it could use which has a “lower profile” than Pegasus. FT wrote that the Modi government is willing to spend anywhere up to $120 million to obtain the spyware, citing people familiar with the matter. India’s defence ministry declined to comment on the report, the newspaper said.