Apple warns Indian iPhone users of possible ‘mercenary spyware’ attack

Avatar

The daughter of and media adviser to the president of an Indian state political party is one of the most recent targets in the country’s long history of spyware scandals, according to local reports.

“Got an Apple alert that my phone’s been hacked by Pegasus which GOI (Government of India) has admittedly procured & weaponised to harass critics & political opponents,” victim Iltija Mufti said on X.

Additionally, the founder of the Delhi-based Samruddha Bharat Foundation Pushparaj Deshpande also said Wednesday he received a similar threat notification from Apple, according to local news reports. His foundation works with India’s “foremost academics, activists, professionals, the diaspora, policy makers across party lines as well as all progressive forces” to “shape the polity,” according to its website.

Deshpande told a local news outlet that he is “assuming this is an escalation of what my organization has been facing for a while. If this is sanctioned by state actors, this is a structural assault on all progressives safeguarding India’s soul.”

It is unclear who is behind the attacks.

The victim announcements came soon after Apple’s latest quarterly updates to iPhone owners suspected to be infected with “mercenary spyware.” It is unclear exactly when Mufti and Deshpande’s phones were targeted. 

Pegasus is a particularly powerful zero-click exploit which silently takes over targeted devices. The technology is manufactured and sold by Israel’s NSO Group, which has repeatedly said it sells the spyware to governments to use on non-civil society figures.

The latest attacks are just the most recent in a long string of scandals showing the proliferation of Pegasus targeting civil society and opposition party victims worldwide. Hungary, Greece, Poland, Spain, Mexico, India and a raft of other countries have grappled with the misuse of Pegasus in recent years.

Mufti, one of the latest Indian victims, told the Indian Express that she has never before received such an alert and alleged that the Indian government has a “history of intimidating rivals and silencing dissenters and opponents by hacking into their phones.”

“Snooping around on women is a new low,” she added. “I’m shocked they’ve attempted to hack into my phone to intercept my personal information.”

Mufti’s mother Mehbooba Mufti is the president of the Jammu and Kashmir Peoples Democratic Party (PDP) in Jammu and Kashmir, India. 

India has an entrenched history of spyware abuses. The country’s use of Pegasus to spy on civil society figures and opposition politicians is believed to date to at least 2017.

Some of these incidents were documented in the Pegasus Project, a 2021 investigative report showing how the country, along with others, has long spied on human rights defenders, journalists and others. 

The report found Pegasus spyware targeted ministers, opposition leaders, political strategists, journalists, Supreme Court judges and other Indian leaders. The Indian government has not cooperated with investigations into its usage, according to the country’s Supreme Court.

Last year, Amnesty International’s Security Lab confirmed that Siddharth Varadarajan, a prominent journalist, had been targeted with Pegasus for the second time, an attack that was unsuccessful. Varadarajan’s device had previously been infected with Pegasus in 2018.

Apple also sent threat notifications to Indian opposition leaders in October, warning of a “potential state-sponsored spyware attack” on their devices.

CybercrimeGovernmentNewsTechnologyPrivacy
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Suzanne Smalley

is a reporter covering privacy, disinformation and cybersecurity policy for The Record. She was previously a cybersecurity reporter at CyberScoop and Reuters. Earlier in her career Suzanne covered the Boston Police Department for the Boston Globe and two presidential campaign cycles for Newsweek. She lives in Washington with her husband and three children.

 

Total
0
Shares
Previous Post

Russian disinformation network’s infrastructure is spread across Europe, report says

Next Post

Macau government websites hit with cyberattack by suspected foreign hackers

Related Posts

New Brazilian-Linked SambaSpy Malware Targets Italian Users via Phishing Emails

A previously undocumented malware called SambaSpy is exclusively targeting users in Italy via a phishing campaign orchestrated by a suspected Brazilian Portuguese-speaking threat actor. "Threat actors usually try to cast a wide net to maximize their profits, but these attackers are focused on just one country," Kaspersky said in a new analysis. "It's likely that the attackers are testing the
Avatar
Read More

5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage

Since its emergence, Generative AI has revolutionized enterprise productivity. GenAI tools enable faster and more effective software development, financial analysis, business planning, and customer engagement. However, this business agility comes with significant risks, particularly the potential for sensitive data leakage. As organizations attempt to balance productivity gains with security
Avatar
Read More