The problem with espionage by Pegasus & Co. is bigger than previously thought. Most recently, 30 democracy activists in Thailand were affected.
Spying on iPhones using sophisticated spyware such as Pegasus appears to be far more common than feared. According to the manufacturer Apple, it has now sent warnings to potentially affected users in 150 countries worldwide, as reported by the Washington Post. How many people were attacked in total is unclear and has not yet been officially announced; but the sheer number of affected regions is astounding.
Activists spied on
A large-scale surveillance campaign in Thailand was recently uncovered. Apple had already notified possible victims of this in November. As it now turns out, state authorities apparently used Pegasus to spy on at least 30 activists and their supporters who are involved in NGOs of the pro-democracy movement. Civil society organizations had contacted the human rights organization iLaw, which is working to create a new, democratic constitution in Thailand. Other victims were quickly found and contacted there, so the Washington Post report.
The infections with Pegasus took place between the end of 2020 and the beginning of 2021. This comes at a time when the Thai government had been attempting to severely suppress efforts at democracy. Data on local victims of Pegasus was also discovered by Amnesty International’s IT security group and Canadian organization CitizenLab. The espionage does not only concern the Global South or Eastern Europe. Only recently a Pegasus campaign was uncovered by Spanish secret services.
Apple brings lockdown mode
The extent of the espionage, behind which not only the Pegasus creator NSO Group, which Apple is now suing, is so great that Apple feels compelled to take clear countermeasures. With iOS 16, a new lockdown mode is now to be introduced that seals devices better – even if comfort will cost money. The function, for which Apple has set up a highly endowed bug bounty program to quickly find security gaps, is also to be made available for iPad (iPadOS 16) and Mac (macOS 13 Ventura).
According to Apple, the lockdown mode is aimed at people who are particularly at risk and should not be active by default. Apple currently specifies five different areas that should be better protected when the feature is active. But more can be added here, the new operating systems will appear in autumn. In lockdown mode, certain attachments can no longer be displayed in iMessage, for example, and the link preview is deactivated. In addition, certain browser and MDM functions are blocked, which could serve as a gateway for spyware.