Apple's Alert System: How it detects state-sponsored threats on smartphones
iMessages are sent to the user's Apple ID-associated address and phone number. Additionally, upon signing into applied.apple.com, the company presents a red "Threat Notification" banner at the top of the page. This banner includes the date of the notification sent via email and iMessage, serving as a means to verify the authenticity of the received message for the user.
Reportedly, the detection of these threats is accomplished through the utilization of threat intelligence signals received by the company. Apple consistently declines to disclose details regarding the methods of detection, citing concerns that sharing such information could potentially assist state-sponsored attackers in adapting their tactics to avoid future detection. Several spyware companies depend on users clicking on malicious links distributed through SMSes, emails, WhatsApp messages, and similar means to compromise devices.
Apple explicitly ensures that its threat notifications do not contain any clickable links. It refrains from requesting users to install apps or profiles, or share verification codes via email or phone. When referring to URLs for additional information, Apple intentionally spaces out the links, prompting users to manually type them instead of clicking directly, thus mitigating the risk of inadvertently accessing malicious links.
The report from HT added thatApple acknowledges that the majority of individuals will not be the focus of attention from state actors, as these attacks demand significant resources in terms of finances, physical infrastructure, and personnel. Therefore, those capable of carrying out such attacks are typically supported by nation-states. Potential targets could include politicians, human rights activists,
. Read more on livemint.com
