Apple bows to pressure to update security notice – Reuters

12 Apr, 2024 17:44 / Updated 8 months ago
The tech giant has reportedly complied with an Indian request to drop the term ‘state-sponsored’ from malware attack notifications

US tech giant Apple has warned its users in 92 countries that they were possible victims of a “mercenary spyware attack,” backtracking on the term ‘state-sponsored’ it had used in previous alerts to refer to such malware attacks.

The company reportedly sent a notification email to targeted users on Thursday, claiming it had discovered that attackers tried to “remotely compromise” their iPhones.

On Wednesday, Apple posted on its website that the threat notifications were designed to help users “who might have been individually targeted by mercenary spyware attacks.”

In its previous statements the company had linked sending such threat notifications to state-sponsored attacks. It also claimed such attacks have been historically associated with state actors, including private companies developing mercenary spyware on their behalf, such as Pegasus spyware from Israeli-based firm NSO Group.

Meanwhile, Reuters reported on Thursday, citing a source with direct knowledge, that the removal of the term ‘state-sponsored’ from the description of threat notifications follows increased pressure from the Indian government. The company reportedly held extensive talks with Indian officials before releasing the latest set of alerts, according to the source.

Last October, India’s opposition politicians accused Prime Minister Narendra Modi’s government of trying to hack into their mobile phones after they received Apple’s messages warning of state-sponsored attacks.

New Delhi then immediately asked the tech company to assist in investigating the matter and provide “real” and “accurate” information. According to Reuters, it was not clear if other governments also raised similar concerns.

Apple said in its notification email to users this week that it had sent similar alert notices multiple times a year since 2021. Users in more than 150 countries have been notified to date.