You’re reading the Apple Newsroom

Apple logo, Privacy, iMessage, spyware
Apple

Apple warns iPhone users in 92 countries of potential spyware attack

Apple Newsroom Staff
Apple Newsroom Staff - Staff
4 Min Read

Apple has sent threat notifications to iPhone users in 92 countries warning that they may have been a target of a spyware attack because of who they are or what they do, TechCrunch reports.

The alerts, Apple explains, are “designed to inform and assist users who may have been individually targeted by mercenary spyware attacks.” The company previously called these attacks “state-sponsored attacks,” but as TechCrunch notes, the company has updated its terminology to “mercenary spyware attacks.”

The latest alert sent to users in the 92 countries reads, “Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID.” Apple says the notifications are sent to users via a banner on the Apple ID website and via an iMessage notification to a user’s registered phone number and email.

The attacks are more likely to target journalists, civil organizations, and technology firms that could be viewed as a threat to state actors, Apple says on its website. Some notable attacks include Pegasus from the NSO Group. Apple doesn’t disclose the countries in which the alerts are sent, but notes since 2021, users in over 150 counties have received the notification.

According to public reporting and research by civil society organisations, technology firms and journalists, individually targeted attacks of such exceptional cost and complexity have historically been associated with state actors, including private companies developing mercenary spyware on their behalf, such as Pegasus from the NSO Group. Though deployed against a very small number of individuals – often journalists, activists, politicians and diplomats – mercenary spyware attacks are ongoing and global.

Since 2021, we have sent Apple threat notifications multiple times a year as we have detected these attacks, and to date we have notified users in over 150 countries in total. The extreme cost, sophistication and worldwide nature of mercenary spyware attacks makes them some of the most advanced digital threats in existence today. As a result, Apple does not attribute the attacks or resulting threat notifications to any specific attackers or geographical regions.

Apple

The attacks are complicated by nature and everyday iPhone users aren’t likely to be the target of such attacks. Apple uses internal threat intelligence information to detect the attacks. Apple says it has “high confidence” in these alerts and that users who receive them should assume they’ve been the target of an attack.

Apple threat notifications are high-confidence alerts that a user has been individually targeted by a mercenary spyware attack and should be taken very seriously. We are unable to provide information about what causes us to issue threat notifications, as that may help mercenary spyware attackers adapt their behaviour to evade detection in the future.

Apple

For users who receive an alert, Apple advises them to seek expert help such as that offered by Digital Security Helpline, which is open 24/7. For users who believe they’ve been attacked but haven’t received a threat notification, Apple advises users to enable Lockdown Mode on their devices, which drastically limits the surface area your devices have for a potential attack.

TOPICS:
Share this Article

Editor's Pick

Supercharged is not just another news outlet. We’re a platform on a mission to offer personalized and ad-free news directly to you. Discover more of Supercharged.

Read More

You’re reading the Apple Newsroom

  • Loading stock data...

Apple warns iPhone users in 92 countries of potential spyware attack

Apple Newsroom Staff
Apple Newsroom Staff - Staff
4 Min Read
Apple logo, Privacy, iMessage, spyware
Apple

Apple has sent threat notifications to iPhone users in 92 countries warning that they may have been a target of a spyware attack because of who they are or what they do, TechCrunch reports.

The alerts, Apple explains, are “designed to inform and assist users who may have been individually targeted by mercenary spyware attacks.” The company previously called these attacks “state-sponsored attacks,” but as TechCrunch notes, the company has updated its terminology to “mercenary spyware attacks.”

The latest alert sent to users in the 92 countries reads, “Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID.” Apple says the notifications are sent to users via a banner on the Apple ID website and via an iMessage notification to a user’s registered phone number and email.

The attacks are more likely to target journalists, civil organizations, and technology firms that could be viewed as a threat to state actors, Apple says on its website. Some notable attacks include Pegasus from the NSO Group. Apple doesn’t disclose the countries in which the alerts are sent, but notes since 2021, users in over 150 counties have received the notification.

According to public reporting and research by civil society organisations, technology firms and journalists, individually targeted attacks of such exceptional cost and complexity have historically been associated with state actors, including private companies developing mercenary spyware on their behalf, such as Pegasus from the NSO Group. Though deployed against a very small number of individuals – often journalists, activists, politicians and diplomats – mercenary spyware attacks are ongoing and global.

Since 2021, we have sent Apple threat notifications multiple times a year as we have detected these attacks, and to date we have notified users in over 150 countries in total. The extreme cost, sophistication and worldwide nature of mercenary spyware attacks makes them some of the most advanced digital threats in existence today. As a result, Apple does not attribute the attacks or resulting threat notifications to any specific attackers or geographical regions.

Apple

The attacks are complicated by nature and everyday iPhone users aren’t likely to be the target of such attacks. Apple uses internal threat intelligence information to detect the attacks. Apple says it has “high confidence” in these alerts and that users who receive them should assume they’ve been the target of an attack.

Apple threat notifications are high-confidence alerts that a user has been individually targeted by a mercenary spyware attack and should be taken very seriously. We are unable to provide information about what causes us to issue threat notifications, as that may help mercenary spyware attackers adapt their behaviour to evade detection in the future.

Apple

For users who receive an alert, Apple advises them to seek expert help such as that offered by Digital Security Helpline, which is open 24/7. For users who believe they’ve been attacked but haven’t received a threat notification, Apple advises users to enable Lockdown Mode on their devices, which drastically limits the surface area your devices have for a potential attack.

TOPICS:
Share this Article
NewsroomAppleiPhone

Editor's Pick

Supercharged is not just another news outlet. We’re a platform on a mission to offer personalized and ad-free news directly to you. Discover more of Supercharged.

Read More

Latest From Our Apple Newsroom

Secured By miniOrange