As part of the response to spyware company NSO, Apple alerted a Polish prosecutor that his iPhone appears to have been compromised by Pegasus. It also gives us a first look at the text of Apple’s security alerts.
Although Poland has not admitted to purchasing and using the spyware, there is significant evidence that it did …
As noted in our NSO guide, the company makes the Pegasus spyware, which has been used by several governments to gain illicit access to smartphones belonging to journalists, government opponents, human rights activists, lawyers, and more.
We learned earlier this week that Apple is suing NSO for attacking iOS users, and also that the company is monitoring iPhones for signs of Pegasus compromise and alerting customers.
Apple alerted the Polish prosecutor
Think of the apple reports that one of the notified persons is a Polish prosecutor named Ewa Wrzosek. She was likely targeted after she opened an investigation into a failed presidential election in which millions of Polish dollars were spent on a postal vote that did not take place.
Ewa Wrzosek is a prosecutor, member of the Association of Prosecutors “Lex Super Omnia”. She reported herself to the authorities on April 23, 2020, when she opened an investigation into the so-called “envelope elections”. On the same day, however, the investigation was withdrawn and closed, and disciplinary proceedings were initiated against Wrzoski. Since then, the prosecutor has repeatedly criticized changes in the Polish judicial system after 2015.
Last night, Ewa Wrzosek announced on Twitter that she had received a notification from Apple regarding a possible state service attack on her iPhone using Pegasus.
I just received an alert from @AppleSupport regarding a possible cyber attack on my phone by state services. With the indication that I can be targeted for what I do or who I am. I will take the warning seriously as it was preceded by other incidents. @ZiobroPL is it a coincidence?
This also provided our first (most) glimpse of the text Apple uses for alerts:
ALERT: State sponsored attackers may target your iPhone. Apple believes you are the target of state-sponsored attackers who attempt to remotely compromise the iPhone associated with your Apple ID
These attackers are likely targeting you individually because of who you are or what you do. If your device is compromised by a state-sponsored attacker, it may be able to remotely access your sensitive data, communications, or even the camera and microphone. Although it is possible that this is a false alarm, please take this warning seriously.
State-sponsored attackers are very well funded and sophisticated, and their attacks evolve over time. Researchers and journalists have publicly documented such attacks against popular cloud services including iMessage as well as Facebook Messenger, Gmail, Signal, and WhatsApp.
Some state-sponsored attacks do not require any interaction on your part, and others involve tricking you into clicking a malicious link or opening an attachment in an email, text, or other message. These attempts can be quite convincing, ranging from bogus package tracking updates to personalized emotional calls claiming a named family member is in danger. Be careful with any links you receive and do not open any links or attachments from unexpected or unknown senders.
State-sponsored attackers are sophisticated and will likely attempt to attack you through other channels, devices, and accounts not associated with Apple. Experts can provide the [screengrab cuts off here]
FTC: We use automatic affiliate links which generate income. Following.
Check out 9to5Mac on YouTube for more Apple news: