Polish Prosecutor First Beneficiary Of Apple's 'You've Been Hacked By NSO Spyware' Notification Program

from the anything-that-screws-with-NSO-and-its-customers-is-fine-with-me dept

Concurrent with Apple’s announcement that it was suing Israeli tech company NSO Group over its iPhone exploits was its announcement that it would be notifying customers of suspected hacking attempts utilizing NSO’s extremely powerful Pegasus malware.

Apple is notifying the small number of users that it discovered may have been targeted by FORCEDENTRY. Any time Apple discovers activity consistent with a state-sponsored spyware attack, Apple will notify the affected users in accordance with industry best practices.

Unlike Apple’s lawsuit — which might nudge the CFAA towards a more expansive interpretation of “unauthorized access” that could adversely affect security research — this notification practice is undeniably good. It undercuts the abusive acts of state actors by giving their targets a heads up about phone hacking attempts.

This won’t pose much of a problem for Apple, as it’s out of the legal reach of most of NSO’s customers. Even if foreign surveillance agencies did obtain the equivalent of a warrant to hack phones and intercept communications, any accompanying gag orders would be useless. We’ll see how this disclosure process works out if a US-based government agency utilizes NSO malware — something that seems even less likely now that the Commerce Department has blacklisted NSO.

The notification program has already paid off for one Polish government employee, who was recently informed by Apple she was targeted by NSO spyware. (h/t 9to5Mac)

Ewa Wrzosek is a prosecutor, a member of the Association of Prosecutors “Lex Super Omnia”. She exposed herself to the authorities on April 23, 2020, when she initiated an investigation into the so-called “Envelope elections”. On the same day, however, the investigation was taken from her and discontinued, and disciplinary proceedings were initiated against Wrzoski. Since then, the prosecutor has repeatedly criticized the changes in the Polish judiciary after 2015.

Yesterday evening, Ewa Wrzosek announced on Twitter that she had received a notification from Apple about a possible attack by state services on her iPhone using Pegasus.

The “Envelope Elections” were a hasty and apparently unlawful attempt to hold an election during the first few months of the COVID pandemic. Last May, the failed presidential election managed to rack up a hefty tab to be settled by Poland residents, but didn’t actually result in the election of anyone.

Poland’s abandoned presidential election, which was scheduled for 10 May but took place without any voting, still generated high costs. Private broadcaster TVN has revealed that invoices issued in connection with the preparations amounted to almost 70 million zloty of costs for the state postal service, Poczta Polska.

The run-up to the planned election was fraught with chaos and controversy, as the Polish government pushed ahead with preparations for a fully postal vote before relevant legislation had been passed. Many local authorities refused to cooperate, on the basis that doing so without the law in place would be illegal.

Following this logistic and political failure (there was some speculation this process was fast tracked to give the incumbent president the best chance to win), Wrzosek began an investigation. That appears to have proven unpopular with the party controlling the Polish government. Given this history, it’s not much of a leap to presume she’s being targeted by her own government.

The twist is that the Polish government has never officially confirmed it has ever acquired NSO malware. But governments rarely discuss surveillance programs, especially their most controversial ones. However, there is a paper trail that suggests at least one government agency is in possession of NSO’s most powerful surveillance tool.

For nine months, the Ministry of Finance has not been able to decide whether the Justice Fund, which is in the hands of the Minister of Justice Zbigniew Ziobro, had the right to transfer PLN 25 million to the CBA for the purchase of a modern surveillance system, tvn24.pl learned.

The fact that the Central Anticorruption Bureau received money from this fund and allocated it to the purchase of the most modern surveillance system for telephones and computers was revealed on tvn24.pl almost exactly a year ago.

Now, reporters of the “Black on White” program suspect that the system bought by the anti-corruption service is probably the Israeli Pegasus. – This system was created to prevent terrorist attacks, kidnappings, human trafficking and drug smuggling – journalists from “Black and White” explained.

If so, there’s a good chance the targeted phone is compromised. Wrzosek has asked for answers from the Minister of Justice, but she’s unlikely to receive any acknowledgements or apologies. If it is what it looks like, the prosecutor is being targeted in retaliation for her attempted investigation by the same government she works for.

As Apple continues to notify users targeted by NSO malware, hopefully those targeted will continue to inform the rest of the world how the company’s “for bad guys and terrorists ONLY” exploits are actually being used.

Filed Under: , , , ,
Companies: apple, nso group

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Polish Prosecutor First Beneficiary Of Apple's 'You've Been Hacked By NSO Spyware' Notification Program”

Subscribe: RSS Leave a comment
This comment has been deemed insightful by the community.
That Anonymous Coward (profile) says:

"something that seems even less likely now that the Commerce Department has blacklisted NSO."

Have you met the rest of our government?
They’ll just claim they discovered things via some other way to hide that they are violating the law & rights and everyone will be fine with it.

That One Guy (profile) says:

Not a contradiction even though it really should be

As Apple continues to notify users targeted by NSO malware, hopefully those targeted will continue to inform the rest of the world how the company’s "for bad guys and terrorists ONLY" exploits are actually being used.

When a government sees it’s role not as serving the public but ruling over them then any that might challenge that are going to be seen and treated as ‘bad guys’, and if that’s the country’s citizens then going after them is going after the ‘bad guys’.

Whatsapp Group says:

Whatsapp Group Link

Girls WhatsApp Group Links- Hello, friends the famous ActiveWhatsappGroupJoinLink.Com the site comes back with special Links for WhatsApp group join Link, On this page, you will get lot’s of Online Chating With Girl Whatsapp group Link from all over the World so if you are really searching for Active Girl Whatsapp group Links then you are in the right place. Friends these groups about online Chat, Single Girl, Single Boy, 18+Girl, school Girl Whatsapp group Link and much more so choose your favorite one. Friends Girl Chat WhatsApp group is especially favorable for online Chatting so please join these groups for more fun, if you join these groups you will get all types of Boy and beautiful online girl, and much more. friends if you have any own online girl Links Whatsapp Group Invitation please share with us we will add your links on the supported page.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...