Apple sends new warning about mercenary spyware attacks to iPhone users. Should you be worried now?

Maria Diaz/ZDNET

Apple is sounding a new round of alarm over a wave of sophisticated and destructive spyware attacks targeting targeted individuals in 92 countries. Spotted by TechCrunch On Wednesday, Apple sent out an email warning targeted individuals that they “are being targeted by a mercenary spyware attack that is attempting to remotely compromise the iPhone associated with your Apple ID.” The email also included the specific ID of each individual who received it.

The email explained that the attack is likely targeting each potential victim because of who they are or what they do.

Also: Removing spyware from your phone can be tricky. These options are your best bet

“While it is never possible to achieve absolute certainty when detecting these types of attacks, Apple has great confidence in this warning – please take it seriously,” Apple added in its message.

This is the second such warning Apple has issued in 2024. In April, the company sent a similar alert to select iPhone users to warn them about mercenary spyware attacks targeting them. At the same time, Apple updated its support page on Threat notifications and mercenary spywareThe page explains how mercenary spyware attacks work, how Apple will alert its users if they are victims of such an attack, and what to do if you are the target of such an attack.

Apple warns of mercenary spyware attack


What exactly is a mercenary spyware attack? Should the average iPhone user be concerned? On the one hand, most iPhone users will never be the target of such an attack. On the other hand, such an attack could prove devastating to you, as a successful attacker can remotely control and steal sensitive data from your device.

These attacks, which are often carried out by or on behalf of nation states, are often directed against individuals who perform specific functions in society, such as journalists, activists, politicians and diplomats. The aim is often to get revenge on someone for what they did or said, especially if the attack is against a government, political leader or other authority.

Also: Google’s dark web monitoring service will soon be free for all users — here’s how to use it

More advanced and complex than the average cybercrime, a mercenary spyware attack typically targets a small number of people. The attacks can cost millions of dollars, according to Apple, and are typically short-lived, making them challenging for anyone trying to detect and stop them. While these attacks are rare, Apple has sent out threat notifications several times a year since 2021, notifying people in more than 150 countries.

“It’s very important to recognize that mercenary spyware, unlike others, is deliberately designed with advanced capabilities, including zero-day exploits, complex obfuscation techniques, and self-destruct mechanisms, making it highly effective and difficult to detect,” Krishna Vishnubhotla, vice president of product strategy at mobile security vendor Zimperium, told ZDNET in April. “Operating in a stealthy manner is key to their success. Mercenary spyware developers go to great lengths to remove any clues that could link the software to them or their customers.”

Probably the most well-known spyware for this type of attack is Pegasus, from the Israel-based NSO Group, which has been used in mercenary spyware campaigns against well-known companies. journalists, politiciansand others. NSO Group typically shirks any responsibility, claiming that the company sells Pegasus only to intelligence and law enforcement agencies and that Pegasus can only be used against terrorists and criminals.

However, Apple and other companies have… sued the NSO Group for its role in state-sponsored attacks. Apple has also been forced to create and implement bug fixes for iPhone, iPad, Mac, and Apple Watch to harden vulnerabilities exploited by Pegasus.

Although these attacks are often state-sponsored, Apple removed that term from their alert and from the latest update of their support pageafter facing pressure from the Indian government to link such breaches to state actors, a source with direct knowledge told Reuters. However, the support page still claims that “individually targeted attacks of such exceptional cost and complexity have historically been associated with state actors.”

Also: How to tell if an AirTag is tracking you

How can you tell if you’re the target of a mercenary spyware attack? If Apple determines you’re a potential victim, you’ll receive an email and text message with an alert. A threat notification will also appear at the top of your screen. Your Apple ID page after logging in.

Apple suggests that all iPhone users take the following steps to protect themselves from spyware and similar threats:

  • Protect your device with a passcode.
  • Protect your Apple ID with two-factor authentication and a strong, secure password.
  • Update your device to the latest version of the operating system, which usually includes the latest security fixes.
  • Install apps only from the App Store.
  • Use strong, unique passwords for all your online accounts.
  • Do not click on links or attachments from unknown senders.

You can also protect yourself against these types of attacks by enabling Lock modewhich disables or limits key features and settings to prevent spyware from stealing sensitive data. In the event of an attack, Apple recommends that you also contact experts, such as the rapid-response emergency security assistance offered by Apple. Digital safety helpline from nonprofit group Access Now.

Source link

Leave a Comment