Over a dozen Opposition leaders and journalists received email alerts from U.S.-based tech giant Apple on Monday night, informing them that their digital devices were being targeted by “state-sponsored attackers”. On Tuesday, the Union government said it would launch an investigation into the alerts, though the Minister for Electronics and Information Technology Ashwini Vaishnaw described Opposition claims of snooping as “vague”.
Prominent Opposition leaders who posted screenshots of these alerts on social media included Congress president Mallikarjun Kharge, Trinamool Congress MP Mahua Moitra, Samajwadi Party president and former Uttar Pradesh Chief Minister Akhilesh Yadav, Communist Party of India (Marxist) general secretary Sitaram Yechury, and Congress MPs Shashi Tharoor and K.C. Venugopal. Former Congress chief Rahul Gandhi told journalists that people working in his office had also received alerts.
Mr. Gandhi alleged that “snooping” is carried out the moment Opposition leaders “touch” industrialist Gautam Adani. Ms. Moitra leveled similar allegations throughout the day, saying on the social media platform X (formerly Twitter) that the episode was a “desperate distraction” from reporting on allegedly corrupt dealings involving the Adani Group.
Remote attacks on iPhones
Mr. Vaishnaw downplayed the alerts, by citing Apple’s claim that they have been sent to people in 150 countries. However, the company said that this figure encompassed the last few years during which Apple has been issuing such notifications. The Minister urged the iPhone manufacturer to cooperate with the government’s investigation.
“Apple believes you are being targeted by state-sponsored attackers who are trying to remotely compromise the iPhone associated with your Apple ID,” the alert said. “These attackers are likely targeting you individually because of who you are or what you do… If your device is compromised by a state-sponsored attacker, they may be able to remotely access your sensitive data, communications, or even the camera and microphone.” Apple said that there was a chance of these alerts being a false alarm, but also urged recipients to take the warning seriously.
Unspecified state actor
Apple told The Hindu in a statement that it was not accusing a “specific state actor” of being behind these attempted attacks. Mr. Vaishnaw seized on a part of Apple’s press statement that individuals in “150 countries” had received such alerts, but the company subsequently clarified that it was referring to the entire history of these alerts since 2021, not those sent in the immediate past.
It is unclear if Apple executives in India were aware in advance that these alerts were going out, or if they will be in a position to disclose to the government how the targets were discovered. “We are unable to provide information about what causes us to issue threat notifications, as that may help state-sponsored attackers adapt their behavior to evade detection in the future,” the company says on threat alert-related documentation on its website.
Other politicians who reported receiving these alerts include K.T. Rama Rao, the Minister of Information Technology, Electronics and Communications in Telangana, Chhattisgarh Deputy Chief Minister T.S. Singhdeo, All India Majlis-e-Ittehadul Muslimeen MP Asaduddin Owaisi, and Shiv Sena (UBT) MP Priyanka Chaturvedi.
‘Targeting the Opposition’
“As an Indian citizen, before being a Member of Parliament, I believe it is a violation of my fundamental rights and contrary to the laws of our country to engage in sophisticated hacking in an attempt to monitor my actions and movements,” Ms. Chaturvedi wrote in a letter to Prime Minister Narendra Modi. “If this warning message is accurate, it raises serious questions about our agencies being directed toward targeting the opposition instead of those who pose a threat to our nation.”
No member of the BJP or other National Democratic Alliance has reported receiving such an alert as of Tuesday evening. Asked if any had, Mr. Vaishnaw said, “Those who received [the alert] will talk about it.”
Journalists who received the alert included The Wire editor Siddharth Varadarajan and Ravi Nair, a contributor to the Organized Crime and Corruption Reporting Project (OCCRP). Samir Saran, president of the Observer Research Foundation, a Delhi-based think tank, also received the alert.
This is the second time that Opposition politicians and civil society actors in India have been warned that they have been targets of spying attempts. In 2021, the Paris-based Forbidden Stories collective reported that the Pegasus spyware, which was sold only to government agencies by an Israeli firm NSO Group, was allegedly used on a range of journalists, civil society groups and politicians in India.
The government has not denied that it has used Pegasus, and did not participate in a Supreme Court-led investigation into the matter. Import data uncovered by OCCRP showed that the Intelligence Bureau, under the Ministry of Home Affairs, had imported equipment from the NSO Group in 2017; The Hindu has independently confirmed this data.
Anand Mangnale, the OCCRP’s South Asia editor, also received an alert from Apple about being targeted by state-backed attackers, he said on X. The U.K.-based Financial Times has reported that since the NSO Group shut down, Indian officials have been seeking spyware vendors who can match Pegasus’ capabilities. One of the firms cited in the report was Cognyte Software Ltd, which The Hindu found had exported equipment to India’s Defence Intelligence Agency’s Signal Intelligence Directorate.