Apple Alerts iPhone Users of Mercenary Spyware Threats in 92 Countries

Apple has issued warnings to iPhone users across 92 countries, notifying them of potential infiltration attempts by "mercenary spyware." The tech giant shared a sample notification with BleepingComputer, emphasizing the seriousness of the threat and urging recipients to take immediate action.

The notification, addressed to affected users, states, "Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID." Apple underscores the gravity of the situation, emphasizing that the attack is likely tailored to the individual's identity or activities.

To counteract such threats, Apple advises users to implement several precautionary measures. These include activating lockdown mode on their devices, ensuring all Apple products are updated to the latest software versions, and seeking assistance from organizations like the Digital Security Helpline, which offers free technical support to journalists, activists, and human rights defenders.

The notification sheds light on the nature of mercenary spyware attacks, notably mentioning the NSO Group's Pegasus kit. These attacks, characterized as well-funded and highly sophisticated, typically target a select group of individuals, such as journalists, activists, politicians, and diplomats, due to their professional roles or access to sensitive information.

Apple has updated its support page to reflect the ongoing threat posed by mercenary spyware attacks, emphasizing their global reach and involvement of private entities in developing spying tools for state actors. Despite the complexity of these threats, Apple reassures users of its continuous efforts to detect and mitigate them effectively.

Since 2021, Apple has issued multiple threat notifications each year, reaching users in over 150 countries worldwide. However, the company refrains from attributing these attacks to specific perpetrators or geographic regions, given their extreme sophistication and widespread nature.

In the event of being targeted by such attacks, Apple advises users to remain vigilant and take prompt action. This includes contacting the Digital Security Helpline for emergency assistance, activating lockdown mode for enhanced protection, updating messaging and cloud apps, and adhering to best security practices such as enabling two-factor authentication and avoiding suspicious links.

Given the inherent challenges in detecting all spyware attacks, Apple recommends enabling lockdown mode as a proactive measure, even in the absence of notifications from the company. By prioritizing user security and vigilance, Apple aims to mitigate the risks posed by mercenary spyware attacks and safeguard its global user base.