Apple has issued a warning to iPhone users across 92 countries about a mercenary spyware attack targeting their devices remotely. The company expresses high confidence in the warning and urges users to take immediate action. According to a notification shared, the spyware attempts to compromise iPhones linked to specific Apple IDs.
The notification also refers to NSO Group’s Pegasus kit, highlighting the exceptional funding, sophistication, and narrow target range of these attacks. Apple has revised its spyware protection support page, shifting from “state-sponsored” to “mercenary spyware” to describe these ongoing and global attacks perpetrated by private companies for state actors.
Journalists, activists, politicians, and diplomats are primary targets due to their influential roles and access to sensitive information. Despite the complexity of these attacks, Apple commits to detecting them, alerting affected users, and guiding them on protective measures.
Since 2021, Apple has sent out numerous threat notifications upon detecting these attacks, reaching users in over 150 countries. However, a spokesperson has recently declined to detail the scope of the latest campaign.
Apple’s updated support page notes that the extreme cost, sophistication, and global nature of mercenary spyware attacks rank them among the most advanced digital threats today, without attributing them to any specific attackers or regions.
If targeted, users will receive an email and iMessage notification linked to their Apple ID, and a threat notification will appear on the Apple ID portal upon login to verify authenticity. As Apple cannot detect all spyware attacks, it’s advisable to enable Lockdown Mode, and contact a reputable cybersecurity firm even if you have received no notifications from the company.
Apple suggests the following steps for those targeted:
- Enable Lockdown Mode to enhance protection against spyware by reducing potential vulnerabilities.
- Contact a reputable cybersecurity firm for an urgent security assistance.
- Ensure messaging and cloud apps are updated to the latest versions.
- Update and activate Lockdown Mode on all other Apple devices, such as Macs and iPads.
- Apply general security best practices like installing the latest updates, using passcodes, enabling two-factor authentication, downloading apps solely from the App Store, employing strong and unique passwords, and avoiding suspicious links or attachments.
About Purple Shield Security
Purple Shield Security stands out from the crowd of cyber security firms. Picture us as the guardians of your digital space, always on the lookout to protect your business from the newest cyber dangers. We’ve got a variety of services to help keep you safe, including Managed Cyber Security, Cyber Security Consulting, Risk Analysis, Defense Services, Incident Response, and even a virtual Chief Information Security Officer (vCISO).
Don’t put off making your business safer. Contact us now to see how Purple Shield Security can upgrade your cyber defenses.