Apple Alerts iPhone Users of Potential “Mercenary Spyware Attack”
Apple has issued a caution to its users in 92 countries, warning them of a potential “mercenary spyware attack.” The tech giant sent out an email notification, seen by Reuters and TechCrunch, informing possible targets about attempts to “remotely compromise” their iPhones.
This alert included a departure from Apple’s previous terminology in such notifications, as the company had previously referred to such threats as “state-sponsored” attacks. This time, Apple described the threat as a “mercenary spyware attack.” The notification did not disclose the attackers’ identities or the specific countries where the targets were located.
The alert, which was sent out last Wednesday, reportedly reads:
“Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID -xxx-.
This attack is likely targeting you specifically because of who you are or what you do. Although it’s never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning — please take it seriously.”
The alert also included steps that affected iPhone owners can take to protect their devices. Users should update their devices to the latest software, use a passcode to protect their devices, enable two-factor authentication and a strong password for Apple ID, install apps from the App Store, and enable Lockdown Mode to reduce the attack surface for spyware.
Apple started Threat Notifications to help users “who might have been individually targeted by mercenary spyware attacks.”
The company explained that these attacks are historically associated with state actors, including private companies like the NSO Group behind the Pegasus spyware attack of October 2023, and are highly sophisticated and aimed at individual targets. Apple had filed a lawsuit against the NSO Group for monitoring and targeting Apple users in November 2021.
The decision to revise the terminology in the threat notification comes amidst scrutiny and pressure from various governments, including India. Following previous alerts in October, which attributed the attacks to “state-sponsored” actors, accusing the Indian government of attempting to hack into the opposition’s mobile phones.
Mercenary spyware attacks are rare, but they pose significant threats, far surpassing typical cybercriminal activity, Apple further explained. Apple has taken a proactive approach to securing iPhones by issuing threat notifications since 2021 and has sent out such alerts to users in over 150 countries to date.
