Apple Warns IPhone Users In Iran Over Spyware Attacks Ahead Of Conflict With Israel

Apple warned a number of Iranian iPhone users (photo: x @RPRNANews ·)

Apple warned a number of Iranian iPhone users that it was the target of spyware attacks allegedly related to cyber espionage, amid heated tensions towards the Iran-Israeli conflict.

Reports from cybersecurity researchers and human rights organizations show that a number of Iranian-owned phones have been compromised with advanced malware since early 2025. Investigations by Texas-based Miaan Group and Sweden-based DarkCell group found dozens of devices had been targeted for attacks.

Apple also responded to this threat by sending a direct warning to iPhone users who were suspected of being targeted. This attack is believed to be one of the early examples of using cyber espionage tools against Iranians, both domestically and abroad, as reported by Bloomberg.

The victims include political dissidents in Iran as well as Iranian citizens living in Europe. Until now, it is not known for sure who was behind the attack, but investigations are still being carried out despite obstacles. One of the big challenges is the difficulty of conducting a thorough forensic examination of infected devices.

Some of the victims have only reported after months, while others have even handed over their iPhones to Iranian government security forces for analysis. Even so, the researchers agreed that the perpetrators of the attack had large resources. The cost of the attack is estimated at millions of dollars and shows an sophistication level equivalent to the Pegasus spyware.

The high cost and complexity of the technique used indicates that this attack is not mass targeting, but is aimed at certain individuals who are considered important by state institutions or security forces. The general targets are activists, journalists, and influential figures.

Official Warning From Apple

As part of the response, Apple sent a live notification in the form of a message to the victims. In the message, Apple revealed that their device has been the target of spyware attacks that use the "most advanced digital threat today."

Apple insists that the victims are most likely attacked because of who you are or what you are doing, and states that they have a high confidence level over the warning.

Apple has implemented such a warning policy since 2021 as a step to help victims of state-backed spyware attacks. Since then, similar warnings have been sent to victims in more than 90 countries.

Apple also provides a special support page that explains more about this threat notification. On the page, Apple advises users to enable the Lockdown Mode feature, a mode of security that limits a number of iPhone features to prevent digital attacks from being successfully carried out.