Remix.run Logo
pmontra 4 hours ago

"he did not recall receiving the Apple notifications" so he didn't notice them.

bawolff 3 hours ago | parent | next [-]

That is kind of surprising given he is on the comittee investigating pegasus. I'd assume someone on the comittee would be paying much more attention to this than a normal person.

I wonder what triggered him to suspect he was hacked then. Since presumably something triggered him to have his phone forensically investigated.

tyre 2 hours ago | parent | next [-]

Or that Apple could either run searches on the names of affected users against publicly known members of government or have close relationship with governments to flag exactly this.

DANmode 3 hours ago | parent | prev [-]

If he knew he was compromised, and was okay with it for one reason or another (like money or other coercion), this is what his cleanup would look like.

Not saying this is likely. Just another possibility.

arka2147483647 4 hours ago | parent | prev | next [-]

Could those have been intercepted or suppressed somehow?

stavros 3 hours ago | parent [-]

It's possible, if the attacker controls the device enough. I don't think a big "you're being targeted" warning is something you don't notice, or forget.

chatmasta 3 hours ago | parent | prev | next [-]

Do they send them via notification infrastructure or email? Personally I almost never check the email associated with my Apple ID so I would miss those. But if all my Apple devices were notifying me and I had a badge in Settings.app, I’d notice.

Then again, you’d think that’s the kinda thing malware developers would spend some time learning to hide from the user.

captn3m0 4 hours ago | parent | prev | next [-]

Do we know how Apple sends these? Is it just a notification, or also email?

krackers 4 hours ago | parent [-]

https://support.apple.com/en-us/102174

>A Threat Notification is displayed at the top of the page after the user signs into account.apple.com.

>Apple sends an email and iMessage notification to the email addresses and phone numbers associated with the user’s Apple Account.

You can see what it looks like in https://reddit.com/r/iphone/comments/1c10jai/i_have_received...

I wonder how they detect it, is it for known IOCs that they've already found elsewhere, or do they have heuristic detection that flags things that might need further investigation.

lostlogin 3 hours ago | parent | prev [-]

I could be wrong here, but I can’t see any way of viewing old notifications.

It isn’t hard to accidentally dismiss one then wonder what it was. Why there isn’t there an interface for looking back?

Edit: below it says there are emails and notices on web login.