Apple has reportedly sent warnings to multiple Iranians that their iPhones have been targeted by spyware attacks led by the Iranian government. Spyware refers to a type of hacking that is malicious software installed on a computer without user consent, designed to collect personal information or alter system settings.
According to IT media TechCrunch and Bloomberg on the 23rd, the Iranian digital rights group Miaan Group and Hamid Kashfi, an Iranian cybersecurity researcher residing in Sweden, stated they have conducted an investigation targeting Iranians who received notifications from Apple over the past year.
Previously, the Miaan Group released a report on the state of cybersecurity in Iranian civil society, confirming that their research team identified three cases of Iranians who received spyware attack warnings in April of this year (two within Iran and one in Europe).
Most of the Iranians who received warning notifications from Apple are known to have a history of political activism. Amir Rashidi, director of digital rights and security at the Miaan Group, said, "Two victims within Iran come from families that have long been politically active against the Islamic Republic, and many family members have been executed, and they have no history of traveling abroad."
According to Bloomberg, Apple sent them a notification stating that "mercenary spyware attacks are one of the most sophisticated digital threats that exist today due to extreme expenses, sophistication, and the global environment" and that "it is highly likely that this attack is due to your identity or occupation." It was also reported that the message noted these hacking attempts are "extremely rare cases."
The Miaan Group believes that the Iranian government is likely behind the attacks. Rashidi stated, "I think there is no entity other than Iran that has a reason to target civil society members."
However, it has not yet been confirmed whether the Iranian government is behind the attacks. According to TechCrunch, researcher Kashfi stated that he helped conduct a forensic analysis on two victims but could not identify the source of the spyware attacks. Additionally, it is known that most victims went silent during the investigation process due to fear of retaliation.
Meanwhile, Apple sends threat alert messages to victims when iPhone hacking is detected. Over the past few years, Apple has sent multiple warnings to users believed to have been targeted in government spyware attacks. Apple has stated on its "Threat Alert" support page that since 2021, it has sent these alerts to users in over 150 countries worldwide.