Overview
- Apple’s threat notification program flagged over a dozen Iranian iPhone users in early 2025 for suspected zero-day, zero-click spyware intrusions.
- Digital rights group Miaan Group and researcher Hamid Kashfi confirmed victims included two internal dissidents and a Europe-based technology professional.
- In alerts reviewed by Bloomberg, Apple described the campaigns as “exceptionally rare” operations costing millions of dollars.
- Forensic analysis was hampered by victims’ reluctance and technical constraints inside Iran, preventing full examination of the malware.
- Apple declined to assign blame in its public notifications, and security experts are still probing who orchestrated the sophisticated attacks.