In recent months, Apple announced more than a dozen Iranian people that their iPhone had been targeted with government spy programs, according to safety researchers.
Miia Group, a digital rights organization, which focuses on Iran, and Hamid Kashfi, a cyber security researcher in Sweden in Sweden, said she was talking to several Iranians who received announcements last year.
Bloomberg first wrote of these notifications of spyware programs.
Mia -group published a report In the Civil Society’s Civil Security Status in Iran on Tuesday, which mentioned that organizational researchers have identified three governmental offensive attacks against Iranians, two in Iran and one in Europe, alerted in April this year.
“Two people of Iran come from a family with long political activism against the Islamic Republic. Many members of their family are executed and have no history to travel abroad,” Mianan’s digital rights and security director Amir Rashidi told Techcrunch. “I believe there have been three waves, and we have only seen the tip of the iceberg.”
Rashidi said that Iran is probably a government behind the attacks, although more convincing determination must be investigated in these attacks. “I see no reason for members of civil society who have targeted anyone other than Iran,” he said.
Kashfi, who founded Darkcell, a security company, said in an email that he helped two victims to go through preliminary forensic stages, but he could not confirm what was behind the attacks. And he added that some of the victims with whom he worked would rather not continue research.
Please contact us
Have you received a threat from Apple? We would like to hear from you. You can contact Lorenzo Franceschi-Bicchierai safely with a signal +1 917,257 1382 or by telegram and Keybase @lorenzofb or email from the non-working device and network.
“Almost all the victims blinked and scattered us as soon as we explained the severity of the case to them. I partially assume their jobs and the sensitivity of things related to it,” said Kashfi, who added that one of the victims received a notice in 2024
It is unclear what the manufacturer of spy programs is behind these attacks.
Over the past few years, Apple has sent several notifications to people who have considered the company’s spy programs, such as the NSO group Pegasus or Paragon graphitis. Such a malware is also known as a “mercenary” or “commercial” spy program.
Notifications have helped security researchers focusing on spyware to document abuse in several countries, such as India, El Salvador and Thailand.
-With Apple Support Page What the company calls “threat advertisements” last updated in April, the technical giant said that since 2021 it has informed users “in over 150 countries”, which shows how widespread the use of state spy programs is. Apple does not reveal the names of the countries or the total number of people they reported.
To help the victims since last year, Apple has recommended those who have received these threat notifications to reach the Digital Rights group Accessnow, which leads around the clock with researchers who can investigate the attacks of spy programs. Accessnow has documented cases of spyware abuse around the world.
Apple did not respond to the comment request for the notifications sent to Iranians.
