Quite disappointing
Tharoor, Moitra, Chadha among Opp politicians to get Apple’s ‘spyware attack’ notifications, hit out at Centre
Opposition leaders across parties — from Congress’s Shashi Tharoor to AAP’s Raghav Chadha to TMC’s Mahua Moitra — said Tuesday that they had received a “threat notification” from Apple, warning of a “potential state-sponsored spyware attack” on their iPhones. They hit out at the Centre, and suggested that it was behind the spyware attack attempt.
Congress’s Pawan Khera and Supriya Shrinate, CPI(M) leader Sitaram Yechury, Shiv Sena’s Priyanka Chaturvedi, and AIMIM MP Asaduddin Owaisi also said they received similar notifications.
Journalists Siddharth Varadarajan of The Wire, and Observer Research Foundation president Samir Saran were also among those to receive these notifications.
Apple later issued a statement saying it “does not attribute the threat notifications to any specific state-sponsored attacker”.
“State-sponsored attackers are very well-funded and sophisticated, and their attacks evolve over time. Detecting such attacks relies on threat intelligence signals that are often imperfect and incomplete. It’s possible that some Apple threat notifications may be false alarms, or that some attacks are not detected,” the tech company said on Thursday. “We are unable to provide information about what causes us to issue threat notifications, as that may help state-sponsored attackers adapt their behaviour to evade detection in the future.”
It is learnt that since Apple started sending out these alerts in late 2021, individuals in 150 countries have received such threat notifications.
As per screenshots shared by many in the list, the notification from Apple said, “Apple believes you are being targeted by state-sponsored attackers who are trying to remotely compromise the iPhone associated with your Apple ID. These attackers are likely targeting you individually because of who you are or what you do. If your device is compromised by a state-sponsored attacker, they may be able to remotely access your sensitive data, communications, or even the camera and microphone.”
“While it’s possible this is a false alarm, please take this warning seriously,” it added.
TMC MP Mahua Moitra, who is facing a Lok Sabha Ethics Committee examination over cash for query in Parliament, on Tuesday alleged that the government was trying to hack into her phone.
Moitra also said this activity was being carried out against politicians such as former UP CM Akhilesh Yadav, as well as staff of Congress leader Rahul Gandhi.
In a post on X, she said: “Received text and email from Apple warning me the government (is) trying to hack into my phone and email. @HMOIndia (Office of the Home Minister) – get a life. Adani and PMO bullies – your fear makes me pity you.”
Received text & email from Apple warning me Govt trying to hack into my phone & email. @HMOIndia – get a life. Adani & PMO bullies – your fear makes me pity you. @priyankac19 – you, I , & 3 other INDIAns have got it so far . pic.twitter.com/2dPgv14xC0
— Mahua Moitra (@MahuaMoitra) October 31, 2023
In a statement later in the day, Moitra said she was going to write to Lok Sabha Speaker Om Birla about the incident.
“Privileges Committee needs to take up. @AshwiniVaishnaw (Electronics and Information Technology Minister Ashwini Vaishnaw), this is a real breach you need to worry about,” she posted.
Writing officially to @loksabhaspeaker @ombirlakota requesting he follow RajDharma to protect Opposition MPs & summon @HMOIndia officials ASAP on our phones/email being hacked. Priveleges Committee needs to take up. @AshwiniVaishnaw this is real breach you need to worry about.
— Mahua Moitra (@MahuaMoitra) October 31, 2023
Congress leader Tharoor also cited the Apple message. “Received from an Apple ID, [email protected], which I have verified. Authenticity confirmed. Glad to keep underemployed officials busy at the expenses of taxpayers like me! Nothing more important to do?” he posted on X, tagging the accounts of the PMO, the Congress, Congress president Mallikarjun Kharge and Rahul Gandhi.
Received from an Apple ID, [email protected], which I have verified. Authenticity confirmed. Glad to keep underemployed officials busy at the expenses of taxpayers like me! Nothing more important to do?@PMOIndia @INCIndia @kharge @RahulGandhi pic.twitter.com/5zyuoFmaIa
— Shashi Tharoor (@ShashiTharoor) October 31, 2023
Chaturvedi, Shrinate, Chadha, Owaisi, and Khera also took to X, saying that they had got the notifications.
“This snooping is happening as we are merely months away from a General Election. It must also be placed within the broader attacks on the opposition who are facing relentless repression by investigatory agencies, politically motivated criminal cases and incarceration,” Chadha said.
Early this morning I received a concerning notification from Apple, warning me about a potential state-sponsored spyware attack on my phone. The notification states that, “If your device is compromised by a state-sponsored attacker, they may be able to remotely access your… pic.twitter.com/JrVD9Zh9im
— Raghav Chadha (@raghav_chadha) October 31, 2023
According to an August 22, 2023, update on its official website, Apple says “threat notifications are designed to inform and assist users who may have been targeted by state-sponsored attackers”. “Users are individually targeted because of who they are or what they do” and adds that a “vast majority of users will never be targeted by such attacks,” says the post.
If Apple discovers “activity consistent with a state-sponsored attack” it will notify the targeted users via a threat notification on top of the page and with an email and iMessage notification to the email addresses and phone numbers associated with the user’s Apple ID, it said.
Internet Freedom Foundation’s founding director Apar Gupta said the timing of these threat notifications was “alarming”, given impending Assembly elections in five states and Lok Sabha polls in 2024. “Public cynicism or judicial stupor should not preclude us from demanding an independent, transparent technical analysis and clear disclosures from the Government of India regarding its spyware purchases and deployments. This issue strikes at the heart of Indian democracy,” Gupta said in a post on X.
Gupta also referred to reports of the deployment of Pegasus spyware, created by Israeli firm NSO Group, in India over the past few years to target politicians, activists, public officials, and journalists.
“The Union government has not clearly denied these activities (deployment of Pegasus) in the Supreme Court of India. Moreover, investigations by Amnesty, Citizen Lab, and notifications from WhatsApp corroborate its use, suggesting a pattern in India and a matching victim profile,” Gupta said, adding that recent confirmations of validity of threat notifications sent to some Russian journalists by reputed organisations like Access Now and Citizen Lab “lend high credibility to such notifications”.
In 2021, an international investigative journalism initiative by the name of Pegasus Project coordinated by Paris-based media non-profit, Forbidden Stories, reported that phones of a number of Indians, including some politicians, public officials, journalists, lawyers, and activists, among others, were infected by the Pegasus spyware. On its part, the NSO Group has consistently maintained it only sold Pegasus to governments.
The final report of a Supreme Court committee that investigated the use of Pegasus in India has not been made public yet. In August 2022, the apex court had said that the committee found no conclusive evidence of the use of Pegasus on 29 phones that it examined, while also noting that the Central government did not cooperate in the investigation.
Aggam Walia – 2023-10-31 11:32