On Monday, Apple sent emails and texts to Indians, including opposition leaders, alerting them to the possibility that state-sponsored attackers were attempting to compromise their iPhones. The warnings were issued a year after a group of specialists appointed by the Supreme Court found conflicting evidence that 29 phones it examined contained Pegasus malware.
A few months after the revelations, Apple filed a lawsuit against NSO Group, the Israeli company that created Pegasus, alleging that its users were the subject of state-sponsored cyberattacks.
How is the notification sent?
Apple delivers iMessages and emails to the phone number and email address linked to an individual’s Apple ID. A red “Threat Notification” banner is also shown at the top of the page after the user signs in to appleid.apple.com. The banner also includes the date on which the email and iMessage notice was issued.
Is it authenticated?
No. The company has said that some notifications may be false alarms.
How does the detection take place?
Apple relies on threat-intelligence signals to detect these attacks. The company consistently withholds information on how it detected an attack, citing concerns that disclosure may enable state-sponsored attackers to modify their tactics and avoid detection in the future.
Ways to spot fake alarms
Apple is quite explicit in saying that its threat notifications never contain links. Users are never prompted to install any applications or accounts, and they are never sent Apple ID passwords or verification tokens by phone or email. Apple writes the URLs that point to additional information with spaces in them. This forces users to type the links in themselves, preventing them from clicking on potentially harmful ones.
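The checks described above can be applied mechanically when a user forwards a claimed threat notification to a help desk. The following is an added example, not Apple's code or part of the original article; the regular expressions, the function names `triage` and `spaced_hosts`, and both sample messages are assumptions constructed for illustration.

```python
import re

# Heuristics for the criteria above; the exact patterns are assumptions.
CLICKABLE_LINK = re.compile(
    r"\b(?:https?://\S+|(?:[a-z0-9-]+\.)+[a-z]{2,}(?:/\S*)?)", re.I)
SPACED_HOST = re.compile(r"\b[a-z0-9-]+(?:\s+\.\s+[a-z0-9-]+)+\b", re.I)
CREDENTIAL_REQUEST = re.compile(
    r"\b(?:enter|provide|send|confirm|share|reply with)\b[^.]{0,60}"
    r"\b(?:password|verification (?:code|token))\b", re.I)
INSTALL_PROMPT = re.compile(
    r"\b(?:install|download)\b[^.]{0,60}"
    r"\b(?:applications?|apps?|profiles?|accounts?)\b", re.I)


def triage(message: str) -> list[str]:
    """Return reasons a claimed notification looks spoofed (empty = none found)."""
    reasons = []
    links = CLICKABLE_LINK.findall(message)
    if links:
        reasons.append(f"contains clickable link(s): {links}")
    if CREDENTIAL_REQUEST.search(message):
        reasons.append("asks for a password or verification code")
    if INSTALL_PROMPT.search(message):
        reasons.append("prompts the user to install something")
    return reasons


def spaced_hosts(message: str) -> list[str]:
    """Rebuild host names written with spaces so they can be typed by hand."""
    return [re.sub(r"\s+", "", m.group(0)) for m in SPACED_HOST.finditer(message)]


# Constructed sample messages (not real Apple text, not real domains).
GENUINE_STYLE = ("ALERT: State-sponsored attackers may be targeting your iPhone. "
                 "To verify this notification, sign in to appleid . apple . com")
SPOOFED = ("Apple Threat Notification: your iPhone is compromised. "
           "Visit https://apple-alerts.example/verify and enter your Apple ID "
           "password, then install the SecureCheck app.")

if __name__ == "__main__":
    for name, text in (("genuine-style", GENUINE_STYLE), ("spoofed", SPOOFED)):
        print(name, triage(text) or "no spoofing indicators", spaced_hosts(text))
```

An empty result only means none of these indicators were found; the banner shown after signing in remains the confirmation step the article describes.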
Who can be targeted?
According to Apple, the majority of individuals won’t ever be the target of a state actor. Such attacks demand large amounts of material, financial, and human resources. For this reason, nation-states typically support the entities capable of carrying out these kinds of attacks. A journalist, human rights advocate, politician, or a well-known and vociferous government opponent might all be targets. “State-sponsored attacks are highly complex, cost millions of dollars to develop, and often have a short shelf life. The vast majority of users will never be targeted by such attacks.”
How to avoid them?
Update applications and devices often. Make use of multi-factor authentication, strong passwords, and device passcodes. Never reuse passwords across services or sideload applications. Do not open attachments or URLs from senders you are not familiar with. Turn on Lockdown Mode.
All about Lockdown Mode
In September 2022, Apple launched Lockdown Mode for iOS 16, iPadOS 16, macOS Ventura, and watchOS 10. This mode reduces the attack surface that may be exploited by “highly targeted mercenary spyware” by limiting how certain apps and features operate. For example, most mail attachment types are blocked.