A hand holding a phone with a question mark on it.
Shot

Journalists, oppn leaders say Apple warned them they’re ‘targeted by state-sponsored attackers’

At least 10 journalists and opposition leaders in India allegedly received notifications from Apple, saying “Apple believes you are being targeted by state-sponsored attackers who are trying to remotely compromise the iPhone associated with your Apple ID”.

The Wire identified the 10 personalities as Trinamool Congress MP Mahua Moitra, Shiv Sena (UBT) MP Priyanka Chaturvedi, AAP MP Raghav Chadha, Congress MP Shashi Tharoor, CPIM general secretary Sitaram Yechury, Congress spokesperson Pawan Khera, Samajwadi Party president Akhilesh Yadav, The Wire editor Siddharth Varadarajan, Deccan Chronicle resident editor Sriram Karri, and ORF president Samir Saran.

Several of them had posted about it on X:

The news portal alleged the “language of Apple’s warning is identical to what the phone manufacturer has used in the past”. Newslaundry could not independently corroborate this. Tharoor had tweeted that the email came from “threat-notifications@apple.com”.

Moitra later tweeted that “others in the office of Rahul Gandhi” had been targeted too. Journalist Revathi Pogadadanda said she had received a message from Apple too.

According to Apple’s website, if Apple discovers activity “consistent with a state-sponsored attack, we will notify the targeted users in two ways”, including by email.

Apar Gupta, founder of the Internet Freedom Foundation, tweeted at length about why these emails should not be considered “false alarms”.

Newslaundry emailed Apple’s official spokesperson a set of questions on whether the company had sent the alerts, the origin of the alleged attacks, the number of users who received these alerts, and how Apple identifies such attacks.

In response, Apple said it does not attribute the notifications to “any specific state-sponsored attackers”.

“State-sponsored attackers are very well-funded and sophisticated, and their attacks evolve over time. Detecting such attacks relies on threat intelligence signals that are often imperfect and incomplete. It’s possible that some Apple threat notifications may be false alarms, or that some attacks are not detected. We are unable to provide information about what causes us to issue threat notifications, as that may help state-sponsored attackers adapt their behaviour to evade detection in the future,” the company said.

Newslaundry learned that since the threat notifications feature was enabled, these notifications have been sent to individuals whose accounts are in nearly 150 countries.

Importantly, these developments come nearly two years after India reportedly used Israeli spyware for targeted surveillance. Get all the details here.

This is a developing story.

Also Read: India’s domestic spy agency bought NSO hardware that matches Pegasus specifications