Apple warns Russian journalists of Pegasus iPhone infections

Posted:
in iOS edited September 2023

Apple has started to warn Russian journalists that they are the targets of attacks using Pegasus, spyware used by governments to hack and monitor iPhones.




Pegasus is well known for being a tool by governments and law enforcement agencies around the world for covertly monitoring the activities of people of interest, including activists and journalists. In the latest reporting on the malware-based tool, it is now allegedly being used against journalists covering Russia.

According to the New York Times, Apple has proactively been sending notifications to journalists and media workers for Russian news outlets, advising that they have become the target of "state-sponsored hackers."

Reports from Wednesday revealed that Apple had warned of a possible state-sponsored attack of Meduza publisher Galina Timchenko, a Russian publication operating in exile. Timchenko's iPhone was infected in Germany just two weeks after the newspaper was deemed an "undesirable organization" in January by Russia.

By Thursday, former editor of Current Time Yevgeny Erlich revealed on social media that he had received the same Apple warning. Maria Epirfanova and Evgeniy Pavlov of Novaya Gazeta Europe had the same warnings.

Apple does send out notifications about threats from state-sponsored attackers, and has an entire support page explaining what they are and what users should do to lock down their accounts.

Despite the international criticism of Pegasus, as well as its development by the NSO Group, the tool continues to be worked on, and be used for surveillance purposes. In May, it was claimed that at least a dozen victims in Armenia were targeted by Pegasus, which became the first recorded use of the iPhone spyware in a military conflict.

Read on AppleInsider

Comments

  • Reply 1 of 5
    It would be even nicer of Apple if it fixed the weaknesses Pegasus takes advantage of.  Actually, until this article appeared, that's what I assumed Apple had already done, given Pegasus' notoriety.  Unless, of course, those weaknesses require social engineering - not much Apple can do about people's stupidity.
    watto_cobra
  • Reply 2 of 5
    Pegasus has been around for years now. Could somebody please write a professional but comprehensive article explaining why Apple has not been able to protect us from this loophole?
    edited September 2023 appleinsideruserwatto_cobra
  • Reply 3 of 5
    netroxnetrox Posts: 1,506member
    Pegasus has been around for years now. Could somebody please write a professional but comprehensive article explaining why Apple has not been able to protect us from this loophole?
    Apple already explained that those attacks are very sophisticated and likely have direct hand on access to those devices and rigged them.

    "Apple threat notifications are designed to inform and assist users who may have been targeted by state-sponsored attackers. These users are individually targeted because of who they are or what they do. Unlike traditional cybercriminals, state-sponsored attackers apply exceptional resources to target a very small number of specific individuals and their devices, which makes these attacks much harder to detect and prevent. State-sponsored attacks are highly complex, cost millions of dollars to develop, and often have a short shelf life. The vast majority of users will never be targeted by such attacks."
    Alex1NFileMakerFellerwatto_cobra
  • Reply 4 of 5
    Mike WuertheleMike Wuerthele Posts: 6,930administrator
    netrox said:
    Pegasus has been around for years now. Could somebody please write a professional but comprehensive article explaining why Apple has not been able to protect us from this loophole?
    Apple already explained that those attacks are very sophisticated and likely have direct hand on access to those devices and rigged them.

    "Apple threat notifications are designed to inform and assist users who may have been targeted by state-sponsored attackers. These users are individually targeted because of who they are or what they do. Unlike traditional cybercriminals, state-sponsored attackers apply exceptional resources to target a very small number of specific individuals and their devices, which makes these attacks much harder to detect and prevent. State-sponsored attacks are highly complex, cost millions of dollars to develop, and often have a short shelf life. The vast majority of users will never be targeted by such attacks."
    It's also a moving target. As exploits are discovered, NSO Group happily uses them.
    Alex1NchasmFileMakerFellerwatto_cobra
  • Reply 5 of 5
    gatorguygatorguy Posts: 24,651member
    This blog article explains why there's not specific mitigation for Pegasus spyware, or other providers of surveillance malware for that matter. There's a lot of cross-platform cooperation involved in keeping the harm to a minimum. 
    https://blog.google/threat-analysis-group/googles-efforts-to-identify-and-counter-spyware/
    Alex1NFileMakerFeller
Sign In or Register to comment.