Apple warns Iranian users about spyware attacks on iPhones

By: Viktor Tsyrfa | 23.07.2025, 09:48
The flag of Iran. Source: techcrunch.com

As part of its Threat Notification programme, Apple sent notifications to about two dozen Iranians, both citizens inside the country and members of the diaspora, about attempts to install state-sponsored spyware on their iPhones in the first half of 2025.

The research was conducted by the Texas-based Miaan Group and Swedish analyst Hamid Kashfi of DarkCell. They identified at least three waves of attacks, two of which took place inside Iran and one in Europe.

What is happening

The victims are mostly activists, journalists, opposition figures and some Iranian officials or IT professionals. Among them are representatives of families with a long history of political confrontation with Iran. According to Amir Rashidi of the Miaan Group, the level of sophistication and targeting points to the involvement of Iranian state security forces, although no definitive conclusions have been reached.

These attacks were extremely expensive and technologically advanced, comparable to the well-known Pegasus: the cost range reached millions of dollars, and the penetration mechanisms were zero-click, requiring no user intervention.

How the Apple programme works

When it suspects an attack, Apple sends a text message, an email, and a banner notification via Apple ID. iOS has flexible security settings, so you can significantly increase the level of protection if you suspect something is wrong.

Apple's recommendations

  • Enable Lockdown Mode, an emergency security mode.
  • Update iOS to the latest version and protect your account with a strong password and two-factor verification.
  • Contact experts: Apple recommends the AccessNow service for this purpose.

Bottom line

Targeted attacks on specific people (activists, journalists, public figures, etc.) are always more difficult than mass attacks. That is why, perhaps, the origin of the threat raises the most questions. Perhaps Iran, after the cyberattack on its nuclear facilities by the Stuxnet virus, created its own governmental organisation to wage cyberwar. Or perhaps it is the Russians, good friends of all terrorists in the world, who are helping with this, as they have specialists and government hacker groups within the main security agencies. At least they helped the Ayatollah's government fight Stuxnet.

Source: techcrunch.com