Apple has warned over a half dozen Indian lawmakers from Prime Minister Narendra Modi’s main opposition of their iPhones being targets of state-sponsored attacks, these people said Tuesday, in a remarkable turn of events just months before the general elections in the South Asian nation.
Rahul Gandhi, Indian opposition leader, said in a media briefing Tuesday that his team had received the said alert from Apple. Shashi Tharoor, a key figure from the Congress party; Akhilesh Yadav, the head of the Samajwadi Party; Mahua Moitra, a national representative from the All India Trinamool Congress; Priyanka Chaturvedi of Shiv Sena, a party with notable influence in Maharashtra reported that they too had been notified by Apple regarding a potential security attack on their iPhones.
Asaduddin Owaisi, the leader of the All-India Majlis-e-Ittehadul Muslimeen (AIMIM); Raghav Chadha from AAP, originating from an anti-corruption crusade a decade prior and later securing a political foothold in the national capital region; Sitaram Yechury, the General Secretary of the Communist Party of India; alongside Congress spokesperson Pawan Khera were also impacted, they said.
Journalists Siddharth Varadarajan and Sriram Karri, along with Observer Research Foundation (ORF) India President Samir Saran shared that they had been served with identical warnings from Apple.
Apple confirmed that it has sent threat notifications to individuals. In a statement, the company told TechCrunch that it does not attribute the threat notifications to any specific state-sponsored attacker.
“State-sponsored attackers are very well-funded and sophisticated, and their attacks evolve over time. Detecting such attacks relies on threat intelligence signals that are often imperfect and incomplete. It’s possible that some Apple threat notifications may be false alarms, or that some attacks are not detected. We are unable to provide information about what causes us to issue threat notifications, as that may help state-sponsored attackers adapt their behavior to evade detection in the future.”
India’s IT Minister Ashwini Vaishnaw said the government is concerned about the matter and is investigating to find the truth. He also downplayed the allegations, saying the threat notifications received by them was “vague” and merely “estimations.”
New Delhi has been accused of deploying the Pegasus spyware, blacklisted by the U.S. government, on activists and opposition leaders for years. While India has never acknowledged dealings with NSO, the Israeli developer of Pegasus, the company’s malware has been found on the phones of journalists, academics and opposition leaders in the country.
Financial Times reported in March that the Indian government was seeking new spyware contracts. But to be sure, there’s no official statement or confirmation that narrows the blame for the new episode on New Delhi.
Apar Gupta, a senior privacy activist, said the timing of these notifications was nonetheless alarming.
“Public cynicism or judicial stupor should not preclude us from demanding an independent, transparent technical analysis and clear disclosures from the Government of India regarding its spyware purchases and deployments. This issue strikes at the heart of Indian democracy,” he wrote in a tweet.
Apple has previously recommended users receiving this alert to activate the Lockdown mode, a security measure unveiled in 2022, aimed at safeguarding individuals like journalists, politicians, attorneys, and human rights advocates from state-sponsored spyware intrusions.
This mode curtails link previews in messages, minimizes Safari functionality by turning off features like just-in-time (JIT) compilers to halt malicious JavaScript execution, restricts users from opening attachments, and disables receipt of FaceTime calls from unfamiliar contacts.
Since enabling the threats notifications feature earlier, Apple has alerted individuals in nearly 150 countries.
Ivan Mehta contributed to this report.