Apple Issued A New Spyware Warning To Iranians—What To Know
Apple has been issuing spyware warnings for some time, to alert those targeted by the dangerous malware so they can take action. Recently, one of these warnings was targeted at Iranian dissidents living in the country and overseas, according to a report in Bloomberg.
The claims come from a report by Miaan Group, a digital rights organization that focuses on Iran, and Hamid Kashfi, an Iranian cybersecurity researcher who lives in Sweden. The pair told TechCrunch they had spoken to Iranian iPhone users who have received the Apple notifications over the last year.
'Two people in Iran come from a family with a long history of political activism against the Islamic Republic. Many members of their family have been executed, and they have no history of traveling abroad,' Amir Rashidi, Miaan Group's director of digital rights and security, told TechCrunch. 'I believe there have been three waves of attacks, and we have only seen the tip of the iceberg.'
Iranian iPhone Users Targeted Ahead of Iran-Israel War
The spyware victims' iPhones were hit ahead of the Iran-Isarel war, raising interesting questions about who could have been behind the attacks. More than a dozen Iranian iPhone users were identified as having been targeted by the government spyware, but human rights groups estimate that this is just a fraction of the total.
The attacks could have been perpetrated by another nation state, such as Israel — or even in a joint initiative with the U.S. This has happened before, in 2010, when the two are alleged to have been behind a devastating attack on an Iranian nuclear facility using a worm called Stuxnet.
However, Miaan Group's Rashidi told TechCrunch he believes Iran's government is behind the Apple spyware attacks. Further investigation is needed, but there is no reason for members of civil society to be targeted by anyone else, he said.
It is unclear which spyware maker is behind the recent attacks on iPhones. However, the most recent reports have seen Paragon Graphite target devices.
The news that Iranian dissidents were targeted comes as researchers at Lookout identified Iranian government affiliated threat group MuddyWater using DCHSpy spyware to attack Android users. DCHSpy collects WhatsApp data, accounts, contacts, SMS, files, location and call logs — and can record audio and take photos.
I asked Apple to comment on this latest report and will update this article if the firm replies.
Spyware Targeting iPhones — What To Do
I have covered numerous reports of spyware targeting iPhone users, with variants including Pegasus and LightSpy which take advantage of unpatched software vulnerabilities.
It's therefore integral that people who could be attacked keep their iPhones up to date. In addition, turning your iPhone on and off again can disrupt the malware, temporarily disabling it.
Apple itself recommends Lockdown Mode, which reduces the functionality of your iPhone but also stops spyware from taking hold. If you do think you're a victim of spyware, or if Apple has sent you a notification, contact Access Now or Amnesty for help.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Tom's Guide
10 minutes ago
- Tom's Guide
I've been tracking deals for 18 years and I've never seen MacBooks this cheap — back to school deals from $599
I've been using Macs since the Performa 637CD. It was an epic machine with a 33 MHz 68LC040 processor, 8GB of RAM, 350MB HDD, and a 2x CD-ROM. Today's Macs blow that machine out of the water and with back to school sales underway, I've spotted some of the best MacBook deals of all time. If you're on a tight budget, Walmart has the MacBook Air (M1) on sale for $599. Yes, this model was released in 2020, but that M1 chipset can still provide enough horsepower for basic Web-based tasks and it's great for young students who aren't editing photos or 4K video. If you can spend a bit more, the current-gen 13-inch MacBook Air (M4) is on sale for $799 at Amazon. This is the deal I'd personally buy because you get a powerful M4 processor coupled with 16GB of RAM. That's enough to get you through four years of college and then some. The new MacBook Air is powered by Apple's latest M4 chipset. It upgrades the camera from 1080p to 12MP with Center Stage support. The M4 chipset also supports dual external monitors, even when you have the laptop's lid open. It packs a 13.6-inch Liquid Retina display (2560 x 1664), Apple's M4 CPU w/ 10-core GPU, 16GB of RAM, and 256GB SSD. In our MacBook Air M4 review, we said the Editor's Choice laptop is irresistible thanks to its speedy performance, sharper camera, and lower starting price. Prefer a bigger screen? The 15-inch model is also on sale. It packs a 15.3-inch Liquid Retina display (2880 x 1864), Apple's M4 CPU w/ 10-core GPU, 16GB of RAM, and 256GB SSD. The MacBook Air M1 offers fantastic performance and value. The M1 CPU never stuttered in our tests and also helped it reach over 14 hours of battery life. It features a 13.3-inch Retina display, Apple M1 CPU, 8GB of RAM, and a 256GB SSD. In our MacBook Air M1 review, we said it offers amazing endurance and shockingly good speed. For $100 more, this deals gets you an M2 chipset and — more importantly — 16GB of RAM. That extra RAM is the reason I'd recommend this machine over the M1-based model as it'll give you a better experience when it comes to multitasking. The laptop is remarkably light and thin yet sports a 13.6-inch Liquid Retina display, a speedy Apple M2 CPU w/ 8-core GPU, 16GB of RAM, 256GB SSD, and a great 1080p FaceTime camera. In our MacBook Air M2 review we lauded this Editor's Choice laptop for its versatility and battery life, so don't miss your chance to get one at a great discount. The 13.3-inch MacBook Air (M1) for $599 at Walmart is a good deal, but one I'd only recommend to students on a very tight budget. Otherwise, I recommend spending a little more for the M2 or M4 model which each come with 16GB of RAM. If you don't need a laptop — consider getting the Mac mini (M4) for $539 at Amazon. (Just note it's sold for $499 in the past, so this is a good price, but not the lowest). Otherwise, I'd say the 13-inch MacBook Air (M4) is the best MacBook you can buy and one of the best laptops on the market. I don't foresee these laptops getting any cheaper come Labor Day, so now is the best time to purchase one.
Gizmodo
10 minutes ago
- Gizmodo
Apple's Tim Cook Talks Trump Tariffs and AI
On Thursday, Apple CEO Tim Cook said the Silicon Valley company could end up spending nearly $2 billion thanks to President Donald Trump's tariffs. 'For the June quarter, we incurred approximately $800 million of tariff-related costs,' Cook told investors on an earnings call. He added that the company expects those costs to climb to $1.1 billion in the quarter ending in September if Trump's tariff policies remain unchanged. As Apple watchers know, that's the same month when the new round of iPhones (and their prices) will be announced. Trump's tariff policies have affected all of Apple's devices, which are manufactured primarily in China, India, and Vietnam. Since the beginning of his second term, Trump has used the threat of tariffs to pressure Apple and other American companies to shift production back to the U.S. In an effort to appease Trump, Apple said it is launching a manufacturing academy in Detroit later this year. The project is tied to the company's plan to invest more than $500 billion in the U.S. over the next four years. Even with the added costs, Apple still managed to boost revenue 10% year-over-year in the quarter, reaching $94 billion. On the AI front, Cook told investors that Apple plans to 'significantly' increase its investments in artificial intelligence, as it tries to catch up with its rivals. He said that the company is open to acquisitions that could accelerate those efforts. Apple wasn't the only company to talk about AI this week during its earnings report. Amazon also reported earnings on Thursday, revealing the scale of its AI spending. The e-commerce giant poured $31.4 billion into capital expenses last quarter and expects a similar pace in the second half of the year. CEO Andrew Jassy also highlighted Alexa+, a premium version of its digital assistant, as one way the company could further monetize AI with ads. 'People do a lot of shopping [with Alexa+]; it's a delightful shopping experience that will keep getting better,' Jassy said on a call with investors. 'I think over time, there will be opportunities, as people are engaging in more multi-turn conversations, to have advertising play a role to help people find discovery, and also as a lever to drive revenue.' For Microsoft, its AI bets are already paying off in a big way. After reporting earnings this week, the software giant joined Nvidia as the only companies in history to reach a $4 trillion market cap. Revenue for the latest quarter rose 18% to $64 billion, driven largely by growth in its cloud computing services. Despite its financial success, Microsoft recently cut thousands of jobs. In a company-wide memo, CEO Satya Nadella described this tension as the 'enigma of success,' noting that the company is posting record profits even as it laid off 9,000 workers earlier this month.
NBC News
11 minutes ago
- NBC News
Less staff, even less trust: Some states say they can't rely on Trump's DHS for election security
When Arizona discovered in June that its website for politicians to file as candidates had been hacked, Secretary of State Adrian Fontes did something that would have been unthinkable in the past two presidential administrations: He kept the feds in the dark. Hackers had replaced past candidates' photos with that of Iran's former supreme leader, Ayatollah Ruhollah Khomeini. Such website defacements are relatively common and are often crimes of opportunity, where hackers spot a flaw they can exploit and use it to draw attention to their cause without doing serious damage. Arizona took the portal offline and remedied the issue. Still, an attack by pro-Iranian hackers is something to note, the kind of thing that secretaries of state and cybersecurity experts share in order to keep colleagues aware of ongoing threats. But in this political climate, Fontes decided it was best to handle on his own. 'The political theater that we've seen out of the Department of Homeland Security, I don't want that anywhere near my security operations,' he said. 'I don't want that anywhere near my Threat Assessment operations. I don't want that anywhere near my technicians or the folks who are actually doing the hard work keeping us and our system safe.' Fontes' decision highlights a major concern around cybersecurity cooperation and election security in the second Trump administration. Cuts to the federal government's election security work and the politicization of Homeland Security have left somestate election heads unsure of how they would work with the federal government if they are hacked. Experts say that a lack of communication could lead to more and worse hacks surrounding elections. 'The challenge in the wake of the evisceration of election security funding by the Trump administration is that it is unclear who to call at [the Cybersecurity and Infrastructure Agency] to share this information and what resources are still available,' Shenna Bellows, the secretary of state of Maine, told NBC News. Bellows and Fontes are Democrats. The Cybersecurity and Infrastructure Agency (CISA), created in 2018 in the first Trump administration as part of the Department of Homeland Security to protect crucial services from hackers, has emerged in recent years as the clearinghouse for election officials to share cybersecurity information. But things have changed in the second Trump administration, which has cut most of CISA's election security services and has sought to punish its first director for openly defying the president, particularly around election fraud claims. Three state election heads and a former CISA official who spoke to NBC News said it's clear the agency is no longer as effective in protecting U.S. elections. 'You're hanging states out to dry, basically, to let them fend for themselves,' said Pam Smith, the president of Verified Voting, a nonpartisan nonprofit devoted to providing election officials with resources for their jobs. 'If you do that, I don't think you can expect that people will share,' she said. 'That sort of trusted relationship is essentially broken. That's not to say that it couldn't be rebuilt, but it would require some evidence that they've got your back.' Bellows said that it was unclear how helpful the agency will be going forward or even if it can help. 'It's not that I don't know the names of appointees in certain titles," Bellows said. "But the people doing the work on the ground over the last four years, many of them were fired, and funding for core election cybersecurity services has been eliminated." Phil McGrane, Idaho's secretary of state and a Republican, said the lack of resources at CISA is clear, leaving state officials to figure out a new way forward. 'As a community, we're going through a process right now trying to determine, 'All right, what does this look like moving forward? How much do the states pick up and do some of this work and provide services to their offices?'' he told NBC News. The Trump administration has cut most election security resources from CISA, which before this year had worked to beef up trust with state and local election officials. A CISA spokesperson declined to tell NBC News if any dedicated election security officials still worked at the agency, citing a policy of not discussing personnel matters. The agency also cut funding for the EI-ISAC, a threat information sharing program for election officials. Election officials are still able to receive CISA's general warnings of cyberthreats, like the recent flaw in Microsoft's SharePoint platform. In an emailed statement, a DHS spokesperson said: 'The integrity and security of our nation's elections systems are non-negotiable. We look forward to working with Arizona to continue making sure their citizens get what they deserve — secure and transparent elections.' The White House did not respond to a request for comment. In the Biden administration and during Trump's first term, CISA was the central hub for election cyber information. It may not have been able to keep a state like Arizona from being hacked, but it could have quickly sounded the alarm if it were, minimizing the chance that other states fell to the same tactics. CISA also had open channels with intelligence agencies like the FBI and National Security Agency to get advance warning of what foreign intelligence agencies were planning, information not generally available to local election officials. But CISA caught Trump and his allies' ire in 2020 when it publicly rebutted false claims about elections being rigged or stolen, countering Trump's insistence that he had actually won that year's election. Since retaking the presidency, Trump has called for the agency's director in his first term, Christopher Krebs, to be investigated despite no public evidence of wrongdoing, a move that has disheartened and upset agency employees. One former CISA official, who requested to not be publicly identified because of the current political atmosphere around the agency, said open communication between the agency and states was fundamental to how the government protected elections from hackers. 'Encouraging voluntary information sharing during incidents was so vital to the whole enterprise, and that appears to be severely degraded,' he told NBC News. 'Less complete information and slower response means potentially more victims and more disruptive impact.' 'We would have been all over this. 'We'd want to know, is there a foreign nexus?' he said about the Arizona hack. 'What else did they try to get into? Was it in other states? Did compromises occur elsewhere? There would be people looking at [reports], working with federal and industry partners, trying to figure out how widespread or isolated it was. Was it targeting elections, was it broader?' he said. Voting machines are generally not directly connected to the internet, and the likelihood of a hacker remotely changing official results is extremely low. The vast majority of voting machines in the U.S. now use paper ballots, which the voter can verify and which can be audited. But many other election-related systems are online, and hackers can theoretically exploit them to make it more difficult for people to vote or to sow chaos around unofficial results as they come in. Smith, the head of Verified Voting, questioned why the cuts to election security happened in the first place. 'The most important thing is that relational trust got broken," she said. "You slash funding for important threat sharing centers. You cut whole teams of people whose job it was to support election officials and their work. 'There's no sign of any explanation about why all of that is necessary, or prudent, or helpful,' she added.
