Days before Apple issued warnings to some users in India about “state-sponsored attackers” attempting to compromise their devices, a government advisory had already addressed vulnerabilities in Apple’s products and given them a “high” severity rating. The Computer Emergency Research Team (CERT) issued the advisory on October 27, four days before screenshots of the Apple messages were shared on social media. The advisory identified several versions of Apple’s operating systems, including iOS, iPadOS, macOS Sonoma, Ventura, and Monterey, as being vulnerable to hackers. It also highlighted vulnerabilities in Safari, Apple’s internet browser, as well as the company’s tvOS and watchOS systems. The advisory recommended nine software updates to fix these vulnerabilities and provided links to technical support pages for more information.
Opposition MPs in India, including Shashi Tharoor, Priyanka Chaturvedi, and Mahua Moitra, received messages from Apple warning them about “state-sponsored attackers” targeting their iPhones. IT Minister Ashwini Vaishnaw has ordered an investigation into these warning messages and emphasized the government’s commitment to protecting citizens’ privacy and security. Junior IT Minister Rajeev Chandrasekhar also noted that Apple users in other countries received similar notifications and called on the company to clarify if its products had been compromised. The IT Ministry plans to communicate with Apple regarding the use of the term “state-sponsored” attackers in the notifications.
This controversy arises just before elections in five states and the 2024 Lok Sabha election, drawing comparisons to the 2021 Pegasus spyware scandal, where the government was accused of spying on opposition leaders and critics. The government has denied these allegations.
