Apple & Google Issue New Spyware Alerts, Targeting Intellexa Zero-Day Victims
The world’s largest technology companies have begun issuing notifications to users who may have been targeted by state-linked spyware. Apple and Google report that, in recent days, they have dispatched a new wave of alerts to individuals identified as persons of interest by operators of advanced surveillance tools. Such warnings have been sent by major tech firms for several years now: they are intended for users whose devices may have been attacked with espionage software developed by private vendors and sold to government clients.
On 3 December, Google announced that it had notified all known owners of accounts targeted by the Intellexa spyware suite. Several hundred users from multiple regions were affected; according to the company, the list includes Pakistan, Kazakhstan, Angola, Egypt, Uzbekistan, Saudi Arabia, and Tajikistan. Google’s security team underscores that Intellexa — already under U.S. government sanctions — has become one of the most active suppliers of surveillance technologies exploiting zero-day vulnerabilities in mobile browsers.
Despite frequent operating-system patches and ongoing improvements in defensive mechanisms, Intellexa continues to demonstrate an ability to acquire — or independently develop — new exploits. As a result, its operators maintain their foothold in the market by routinely circumventing restrictions. Members of Google’s Threat Analysis Group note that a significant portion of the zero-day vulnerabilities uncovered in recent years has been directly linked to Intellexa’s campaigns. Moreover, the company not only develops its own software but also purchases components of attack chains from outside contractors.
Apple confirmed that on 2 December it likewise issued warnings about potential intrusion attempts. The company, however, disclosed no specifics: the number of recipients, the particular spyware involved, and the entities behind the surveillance remain unknown. The only clarification concerns geography — according to Apple, users in more than 150 countries received notifications.
Such alerts have frequently prompted governmental inquiries. In the past, regulators — including those within the European Union — have demanded explanations and examined the conduct of companies named in these warnings. Although Apple and Google almost never identify individual targets, analysts observe that those most often affected belong to high-risk groups: journalists, human-rights defenders, political figures, and others whose public roles or professional activities make them especially appealing targets for governments or commercial vendors operating in the surveillance-technology market.
Support Our Threat Intelligence
If you find our technology report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
