Apple has issued an urgent warning about a wave of sophisticated and coordinated spyware attacks targeting specific individuals in 92 countries. According to a report by The Economic Times, the company sent an email warning targeted individuals that they were “targeted by a mercenary spyware attack that is attempting to remotely compromise iPhones.”
The email explains that the attacks are specifically targeting individuals because of their identities and specific jobs. While the email says Apple cannot be 100% certain that such attacks are taking place, the company is very confident in its findings and urges people to take them seriously.
On April 10, Apple also updated its support page on threat notifications and “spyware for hire.” The page explains how spyware for hire attacks work, how Apple will alert users if they are the victim of such an attack, and what to do if you are the target of this type of attack.
These softwares target specific individuals. (Photo: Insider)
One thing to note is that this software does not randomly attack everyone around the world. The individuals “in the target” are a small number of politicians, journalists, campaigners and other influential people in society.
What is a "mercenary" attack?
So what is a spyware-for-hire attack, and should iPhone users be worried? On the one hand, most iPhone users will never be targeted by these types of attacks because they are expensive and complex. However, these attacks are very damaging because the attacker can remotely control and steal sensitive data from the user’s device.
According to ZDNet, the purpose of the attack is often to get back at someone for their statements or actions, especially if they "touch" the force behind the attacks.
More advanced and sophisticated than typical cybercrime, mercenary spyware attacks often target a small number of people. According to Apple, these attacks can cost millions of dollars and are often short-lived, making them challenging for anyone trying to detect and stop them.
While this type of behavior is rare, Apple has sent out threat alerts multiple times a year since 2021, notifying users in more than 150 countries so far.
Perhaps the most famous spyware used for this type of attack is NSO Group's Pegasus, which has been used in mercenary espionage campaigns against prominent journalists, politicians, and other individuals.
NSO has often shied away from any responsibility, claiming that the company only sells Pegasus to intelligence or law enforcement agencies and that Pegasus can only be used to fight terrorism and crime.
Sample text message sent by Apple to warn some users about spyware. The company said the warning could still be false, but asked users to take it seriously. (Photo: X)
However, Apple and other companies have sued NSO for its role in previous attacks. Apple was also forced to build and deploy fixes for iPhones, iPads, Macs, and Apple Watches to fix the vulnerabilities exploited by Pegasus.
Apple typically notifies compromised users several times a year in two ways: Displaying a warning at the top of the page after users sign in to their Apple ID, or by sending emails and iMessage notifications to the email addresses and phone numbers associated with the user's account.
Apple said it could not provide further information about the cause of the notice because doing so could help attackers adjust their behavior to avoid detection in the future.
Source
Comment (0)