Apple has informed iPhone users across 98 countries that they have been targeted by a sophisticated spyware attack. This follows a warning issued in April to users in 92 countries. The persistent threat underscores the global and continuous nature of mercenary spyware attacks, which are increasingly becoming one of the most advanced digital threats.
The warning message states: “Apple has detected that you have been targeted by a mercenary spyware attack attempting to compromise the iPhone associated with your Apple ID remotely. This attack is likely specifically targeting you based on who you are or what you do. While it’s impossible to be absolutely certain when detecting such attacks, Apple is very confident in this warning. Please take it seriously.”
These mercenary spyware attacks are distinguished by their high cost and complexity, often targeting a few specific individuals, such as journalists, activists, and diplomats. The attackers typically invest millions of dollars, using sophisticated methods that make detection and prevention challenging. According to Apple, “The cost, complexity, and global nature of mercenary spyware attacks make them one of the most sophisticated digital threats today.”
To combat these threats, Apple advises all users to protect their devices proactively. This includes installing the latest updates, securing devices with strong passwords and two-factor authentication, using apps only from the App Store, and avoiding links and attachments from unknown senders. Apple also recommends enabling Lockdown Mode, which offers additional protection against spyware attacks.
John Scott-Railton, a renowned spyware researcher at Citizen Lab, emphasizes the impact of Apple’s notifications. “Apple’s threat notifications have helped change the information balance between spyware victims and attackers. They have also led to a wave of scandals and discoveries of spyware abuse, such as in Poland,” he notes.
Apple’s threat notifications are part of a broader effort to inform and assist users who these sophisticated attacks may target. The company sends these alerts based on its internal threat-intelligence information and investigations, maintaining high confidence in the accuracy of these warnings. However, Apple refrains from disclosing specific details about the detection methods to prevent attackers from adapting their tactics.
The tech company ensures that its notifications do not request users to click on any links, open files, install apps, or provide personal information via email or phone. Users can verify the authenticity of a notification by signing in to appleid.apple.com, where a threat notification will be prominently displayed if applicable.
For those who receive a threat notification, seeking expert help is strongly advised. Apple recommends contacting the Digital Security Helpline at Access Now, which provides 24/7 emergency security assistance tailored to the needs of targeted individuals.
Amnesty International, along with spyware experts and Apple, urges recipients of these warnings to take them seriously. Amnesty Tech tweeted, “Apple has sent another round of notifications to iPhone users to inform them that they are being targeted by ‘mercenary spyware attacks’. Read our blog on what this means and what you can do if you’re a member of civil society + received an alert.”
