Checklist 440: Latest iPhones Target Serious Spyware

Apple Warns French Citizens of Spyware Threats

Apple has issued spyware threat notifications to individuals in France, prompting the country’s national cybersecurity response unit to warn potential targets about the risks and response steps. TechCrunch reports that the alerts, sent last week, indicate that at least one device tied to a recipient’s iCloud account “has been targeted and would be potentially compromised”.

The spyware resembles Pegasus-class tools—highly sophisticated, costly, and typically deployed by governments or intelligence agencies. Targets are usually high-profile individuals such as journalists, lawyers, activists, politicians, senior officials, and members of strategic industries..

Authorities explained that Apple’s alerts arrive via iMessage, email (from official Apple addresses), and iCloud account notifications. Because of the volume of digital alerts people receive, officials worried that recipients might miss or ignore them. They emphasized swift action: notify authorities, preserve Apple’s notifications, and avoid tampering with devices to ensure investigations aren’t hindered.

France’s cybersecurity unit also advised steps to reduce risk:

• Keep operating systems up to date and enable automatic updates.
• Separate personal and professional device usage.
• Consider using Apple’s Lockdown Mode for maximum protection.
• Restart devices daily.
• Follow standard precautions like using unique passwords, enabling two-factor authentication, and avoiding suspicious links or untrusted app stores.
  

While Apple’s warnings stand apart from everyday spam, cybersecurity expert Brian Krebs noted on Mastodon that the flood of notifications in general may cause people to tune out. France’s effort aims to ensure that doesn’t happen here.

Apple’s iPhone 17 Debuts With Built-In Anti-Spyware Technology

Apple’s newly announced iPhone 17 lineup includes a major security enhancement aimed at thwarting advanced spyware threats. According to reports from ZDNet and MacRumors, the new Memory Integrity Enforcement (MIE) system is designed to defend against sophisticated, state-sponsored attackers rather than everyday malware.

MIE leverages the Enhanced Memory Tagging Extension (EMTE), developed by Apple and ARM in 2022, to provide always-on memory-safety protection for the kernel and over 70 user processes. Its goal is to break complex and costly exploit chains often used in mercenary spyware campaigns.

Apple claims MIE is effective against even the most advanced attack methods seen over the past three years. In a statement cited by both outlets, the company said:

“Based on our evaluations pitting Memory Integrity Enforcement against exceptionally sophisticated mercenary spyware attacks from the last three years, we believe MIE will make exploit chains significantly more expensive and difficult to develop and maintain, disrupt many of the most effective exploitation techniques from the last 25 years, and completely redefine the landscape of memory safety for Apple products.”

While experts caution that the real-world effectiveness of MIE remains to be proven, ZDNet notes that iOS already benefits from Apple’s stringent app controls. If successful, MIE could raise the cost and lower the success rate of high-level spyware attacks, potentially setting a new standard in mobile device security.