IE 11 is not supported. For an optimal experience visit our site on another browser.

Apple says it will notify users whose iPhones were hacked by spyware

“These users are individually targeted because of who they are or what they do,” Apple said in a support document.
Image: A woman is reflected in a Apple store logo in San Francisco
A woman walks past an Apple store in San Francisco on Aug. 21.Kevin Coombs / Reuters file

Apple says it will notify users whose iPhones and devices have been compromised by state-sponsored hacking efforts, according to a support document.

The tech giant published its plans to inform the hacking victims last week after Apple sued the Israeli company NSO Group, claiming it broke U.S. law by selling spyware to hack into iPhones.

When Apple detects that a user has been targeted by state-sponsored hacking, it will send an iMessage and an email to the addresses on file, and a Threat Notification will be displayed when the user signs into Apple ID, Apple said.

"These users are individually targeted because of who they are or what they do," Apple said in the support document. "Unlike traditional cybercriminals, state-sponsored attackers apply exceptional resources to target a very small number of specific individuals and their devices, which makes these attacks much harder to detect and prevent.

"State-sponsored attacks are highly complex, cost millions of dollars to develop, and often have a short shelf life," Apple said. "The vast majority of users will never be targeted by such attacks."

Apple did not respond to requests for comment.

Apple made the announcement as it filed the lawsuit against NSO Group, which has long insisted that it leases its technology only to legitimate governments to track criminals and enforce laws and interests.

“Apple’s notification of victims of espionage is beginning to reveal what a real horror show NSO Group’s services have facilitated,” Ron Deibert of the University of Toronto’s Citizen Lab said in an email.

“We are now learning of numerous individuals who are neither terrorists or criminals, but journalists, students, members of legitimate political opposition and other members of civil society worldwide whose phones were hacked by governments using Pegasus," he wrote.

“This abuse is no surprise given that there are no international controls over spyware companies like NSO Group,” he wrote. “The company’s executives really are, as Apple rightly pointed out in their legal complaint, ‘amoral 21st century mercenaries.’”

NBC News reported in 2017 that Pegasus was used to target prominent journalists, lawyers, anti-corruption activists and government officials, according to research published by the Citizen Lab.

The Saudi government and its close ally the United Arab Emirates are suspected of having targeted three women who spoke out against it: a Lebanese broadcaster, a Saudi equestrian and an Emirati human rights activist, NBC News reported in August.

The Biden administration limited NSO Group's access to U.S. components and technology this month by requiring permission for exports.