Apple has issued a new round of threat notifications to iPhone users across 98 countries, warning them of potential mercenary spyware attacks. This is the second such alert campaign from the company this year, following a similar notification sent to users in 92 nations in April.
Since 2021, Apple has regularly sent these notifications, reaching users in over 150 countries, according to a support document on the company’s website. The latest warnings, released on Wednesday, did not disclose the attackers’ identities or specify the countries where users received notifications.
Apple’s message to affected users read, “Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID -xxx-.” Apple stressed that these attacks likely target individuals based on their identity or activities. The company urged users to take the warning seriously, highlighting their high confidence in the detection.
Incidents in India
Users in India are among those who received the latest notifications. In October, Apple sent similar alerts to several journalists and politicians in the country. Amnesty International later reported finding Pegasus, a highly invasive spyware developed by Israeli firm NSO Group, on the iPhones of prominent Indian journalists.
However, it is currently unknown if Pegasus is responsible for the latest attacks.
Pegasus is a military-grade spyware classified as a weapon by the Israeli government. Due to its potency, Apple filed a lawsuit against NSO Group over Pegasus in 2021, accusing the company of using the software to “attack a small number of Apple users worldwide with malicious malware and spyware.”
How Does Apple Detect Spyware Attacks?
In its communication to affected users, Apple stressed the sensitive nature of its threat detection methods, cautioning that disclosing additional details could help attackers evade future detection. The company has notably shifted its language since last year, opting to describe these incidents as “mercenary spyware attacks” instead of the previously used term “state-sponsored” attacks.
Apple relies solely on its internal threat intelligence and investigations to detect such attacks, aiming to protect its users from these sophisticated threats. The company also noted that these attacks are far more complex than regular cybercriminal activity and consumer malware, requiring significant resources to target specific individuals and their devices.
In January, NSO Group sought to have Apple’s lawsuit dismissed, but a federal judge denied their motion. The judge stated, “The anti-hacking purpose of the CFAA [Computer Fraud and Abuse Act] fits Apple’s allegations to a T, and NSO has not shown otherwise.”
Featured Image courtesy of ALY SONG/REUTERS
Follow us for the latest Apple updates.