Apple has warned Polish prosecutor of a likely NSO spyware attack

As part of the retaliation against spyware company NSO, Apple warned a Polish prosecutor that its iPhone appears to have been compromised by Pegasus. This also gives us our first look at the text of Apple’s security warnings.

While Poland has not admitted to buying and using the spyware, there is significant evidence that it did…

Background

As detailed in our NSO guide, the company makes Pegasus spyware, which has been used by multiple governments to illegally access the smartphones of journalists, government opponents, human rights activists, lawyers, and more.

We learned earlier this week that Apple is suing NSO for attacking iOS users, as well as that the company is monitoring iPhones for signs of being compromised by Pegasus and warning customers.

Apple warns Polish prosecutor

ThinkApple reports that one of those notified is a Polish prosecutor named Ewa Wrzosek. She was likely targeted after launching an investigation into a failed presidential election in which millions in Polish currency were spent on a postal vote that did not take place.

Ewa Wrzosek is a prosecutor, member of the Association of Prosecutors “Lex Super Omnia”. She exposed herself to authorities on April 23, 2020, when she launched an investigation into the so-called “Envelope Elections”. However, on the same day, she was deprived of the investigation and stopped, and disciplinary proceedings were initiated against Wrzoski. Since then, the prosecutor has repeatedly criticized the changes in the Polish judiciary after 2015.

Last night, Ewa Wrzosek announced on Twitter that she had received a report from Apple about a possible attack by state officials on her iPhone with Pegasus.

In her tweet, she asked the Minister of Justice for an explanation.

I just got a notification from @AppleSupport about a possible cyberattack on my phone by government services. With the indication that I could be the target of what I do or who I am. I will take the warning seriously as it has been preceded by other incidents. @ZiobroPL is it a coincidence?

heath also shared most of the text of Apple’s warning.

WARNING: State-sponsored attackers may target your iPhone. Apple believes you are being targeted by state-sponsored attackers who attempt to remotely compromise the iPhone associated with your Apple ID

These attackers are likely targeting you individually because of who you are or what you do. If your device is compromised by a state-sponsored attacker, they could potentially gain remote access to your sensitive data, communications, or even the camera and microphone. While it is possible that this is a false alarm, you should take this warning seriously.

State-backed attackers are very well-funded and sophisticated, and their attacks evolve over time. Researchers and journalists have publicly documented such attacks on popular cloud services including iMessage, Facebook Messenger, Gmail, Signal and WhatsApp.

Some state-sponsored attacks require no interaction from you, and others aim to trick you into clicking a malicious link or opening an attachment in an email, text, or other message. These attempts can be quite convincing, ranging from fake package tracking updates to custom, emotional calls claiming a named family member is in danger. Be careful with any links you receive and do not open links or attachments from unexpected or unknown senders.

State-sponsored attackers are sophisticated and are likely to attempt to attack you through other channels, devices, and accounts not associated with Apple. Experts can use the [screengrab cuts off here]

FTC: We use auto affiliate links that generate revenue. More.


Check out 9to5Mac on YouTube for more Apple news:

Leave a Comment