Hours after filing a lawsuit against Israeli spyware maker NSO Group, Apple has sent threat notification alerts to users in Thailand, El Salvador, and Uganda. According to Reuters, at least six critical Thai activists and researchers were notified, including Prajak Kongkirati of Bangkok National University of Political Science, researcher Sarinee Achanuntakul, and Thai activist Yingcheep Atchanont of iLaw, a legal watchdog organization.
As early as 2018, Citizen Lab, which tracked illegal intrusions and surveillance, discovered a Peg ASUS spyware operator active in Thailand. Apple said that the alert is intended to send an alert to potential victims and provide relevant assistance, in addition to some users in El Salvador. These include 12 employees of EL Faro, two leaders of civil society organizations, and two opposition figures.
The alert from Apple reads:
You may have become a victim of spyware. The attacker tried to remotely hack the iPhone associated with your Apple ID, and the purpose of the attack was related to your identity or work. If your device is compromised by this type of intrusion, the attacker may remotely access sensitive data, communications, and even cameras and microphones. Although the possibility of false alarms is not ruled out, please treat it with caution.
On Tuesday, Apple initiated a lawsuit seeking a permanent injunction against Pegasus spyware maker NSO Group to prevent such incidents from occurring on any Apple product.
Ivan Krstić, Apple’s head of security, said:
The measures we are taking today are intended to send a clear signal that in a free society, the weaponized application of spyware with a deep background is clearly unacceptable for people seeking to make the world a better place. As one of the most complex security engineering operating agencies in the world, Apple will make unremitting efforts to protect its users from abusers like NSO Group.