Apple has issued a warning to users in 92 countries, including India, regarding the threat of “mercenary spyware”. This alert comes after several opposition leaders reported receiving messages indicating attempted breaches by “state-sponsored” hackers targeting their iPhones. The notification, which was sent out late at night, mentions the Pegasus spyware, which stirred controversy in 2021 over allegations of snooping on opposition figures. While the NSO Group, the developer behind Pegasus, claimed its clients were exclusively vetted governments and their agencies, the opposition demanded clarity from the Indian government. A Supreme Court panel found no evidence of the spyware on the phones of the 29 complainants in the case.
Apple’s statement explains that these notifications aim to inform and assist users who may have been individually targeted by mercenary spyware attacks, likely due to their identity or activities. These attacks are described as highly sophisticated and costly, often targeting specific individuals such as journalists, activists, politicians, and diplomats. They are associated with state actors and private companies developing spyware like Pegasus.
The notifications are triggered when users sign into their Apple ID accounts, displaying a threat notification at the top of the page. Additionally, Apple sends email and iMessage notifications to the associated email addresses and phone numbers. The alerts provide guidance on steps users can take to protect their devices, including enabling Lockdown Mode, updating to the latest iOS version, and seeking assistance from expert resources like the Digital Security Helpline provided by Access Now.
Apple emphasizes the importance of caution when interacting with messages, as some spyware attacks require no user interaction, while others rely on tricking users into clicking malicious links or opening attachments. The company advises users to be wary of unexpected or unknown senders and to refrain from opening links or attachments from such sources.
For users who have not received a threat notification but suspect they may be targeted, Apple recommends enabling Lockdown Mode as an additional precaution. The company also suggests changing passwords for sensitive websites and services accessed from the iPhone, as successful attacks may compromise credentials for other accounts.
Overall, Apple underscores the seriousness of mercenary spyware attacks and reassures users that threat notifications are high-confidence alerts based on internal threat intelligence and investigations. By taking appropriate precautions and seeking expert guidance, users can mitigate the risks associated with these sophisticated digital threats.
