It may not come as a surprise to hear that Apple has once again issued warning letters, this time informing specific individuals that a state-sponsored hacking team has targeted them. In the case of Armenia, this means that the individual’s phone has likely been infected with Pegasus spyware, which was most likely installed by the Israeli company NSO Group on behalf of the Azerbaijani government.

Example of a security breach alert from Apple

For the past two years, CyberHUB has been investigating an increasing number of infected phones. Apple warnings can indicate an unsuccessful infection, meaning the phone is clean, but there are multiple infection cases. It’s important to note that a warning doesn’t necessarily indicate a new infection, as people sometimes find out they were attacked a year or two ago. Based on the large number of phones we’ve checked over the years (each representing a unique individual), we’ve been able to draw some far-reaching conclusions.

It is important to note that we have an incomplete understanding of the true extent of infections in terms of their quantity and duration. The infections we have identified date back to the 2020 war and continued until at least the end of summer in 2021. There were also instances of infection clusters during the border military conflicts of 2021-22 and before the 2021 elections. Overall, it can be inferred that infections were consistently present.

Our team at CyberHUB, in collaboration with our partner Ruben Muradyan, has examined over one hundred mobile devices, but we are aware of double the number of cases. We have received information from specific individuals who have received warning letters from Apple. Additionally, many people have been notified through intermediaries. For instance, trustworthy individuals have communicated to us that “everyone in our department has received it” (referring to emails from Apple). It is important to note that a considerable number of people have also kept the receipt of the letter confidential to avoid appearing vulnerable due to the nature of their job.

To put it simply, the use of Pegasus by the authorities of Azerbaijan has allegedly targeted around a thousand individuals within their borders. The number of people targeted in Armenia is expected to be much higher, possibly in the thousands. However, it is difficult to get an accurate estimate of the total number of individuals targeted by Pegasus.

It should be noted that the spyware attack targeted several high-profile individuals, including representatives of state institutions. The Prime Minister of Armenia, the speaker of the National Assembly, and the current president, who previously held the position of Minister of High Tech Industry, have all reported receiving warnings from Apple at different times. These statements provide insight into the extent to which the state’s systems have been compromised. It has been reported that even ordinary employees and the family members of officials, including children, were also targeted.

It is worth noting that in Artsakh, there was a similar picture.

The entire spectrum of society, including opposition politicians, civil society representatives, activists, journalists, and editors were all infected.

It can be concluded that during the war, the Azerbaijani special services had access to a vast amount of information regarding the innermost scenes of Armenia and Artsakh. This detailed spying continued until the attack on Artsakh.

During the war between Azerbaijan and Armenia, Azerbaijan gathered data from the phones of citizens in the Republic of Armenia and Artsakh. It is important to note that many people were not concerned with phone security until recently when the Pegasus scandal broke. Before that, phone security was not a major concern, and people were often careless. Although the situation has not improved significantly, there is now a greater awareness of the dangers among the general public.

It is crucial to understand that if even a single door is left open, the presence of high walls becomes irrelevant; this is especially true when it comes to the phones of officials, which carry sensitive data and are constantly in their possession.

While individuals may exercise greater caution nowadays, it is crucial to adopt a systematic approach, as even a handful of infected devices could lead to catastrophic outcomes.

Samvel Martirosyan