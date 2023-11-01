Apple has sent notifications to Indian opposition leaders and others, warning them about potential state-sponsored attacks on their iPhones. Here's how these alert works…

Indian opposition leaders, along with several others, received notifications on Monday from Apple, cautioning them about potential attempts by “state-sponsored attackers" to compromise their iPhones, reported HT. {{^adFree}} {{/adFree}}

These alerts come a year after a Supreme Court-appointed committee of experts found inconclusive evidence regarding the presence of Pegasus spyware in the 29 phones it analysed.

How does Apple notification work? The report indicates that emails and iMessages are sent to the user's Apple ID-associated address and phone number. Additionally, upon signing into applied.apple.com, the company presents a red "Threat Notification" banner at the top of the page. This banner includes the date of the notification sent via email and iMessage, serving as a means to verify the authenticity of the received message for the user. {{^adFree}} {{/adFree}}

How does Apple detect attacks? Reportedly, the detection of these threats is accomplished through the utilisation of threat intelligence signals received by the company. Apple consistently declines to disclose details regarding the methods of detection, citing concerns that sharing such information could potentially assist attackers in adapting to their tactics to avoid future detection.

Are there fake threat notifications? Several spyware companies depend on users clicking on malicious links distributed through SMSes, emails, WhatsApp messages, and similar means to compromise devices. Apple explicitly ensures that its threat notifications do not contain any clickable links. It refrains from requesting users to install apps or profiles, or share verification codes via email or phone. When referring to URLs for additional information, Apple intentionally spaces out the links, prompting users to manually type them instead of clicking directly, thus mitigating the risk of inadvertently accessing malicious links.

Who all could be targeted? The report from HT added that Apple acknowledges that the majority of individuals will not be the focus of attention from state actors, as these attacks demand significant resources in terms of finances, physical infrastructure, and personnel. Potential targets could include politicians, human rights activists, journalists, or outspoken and influential critics of a government. {{^adFree}} {{/adFree}}

