iPhone users in 98 countries warned of ‘mercenary spyware attacks’

Apple has warned a significant number of iPhone users in 98 countries that they appear to have been targeted by “mercenary spyware attacks” that could compromise almost all of the personal data on their devices.

The company says it can never be 100% certain of its conclusions, but that it has high confidence that they are correct, and urges recipients of the message to take the security warning seriously…

iPhone spyware can completely compromise devices

While iPhones are very secure, there is an ongoing cat-and-mouse battle between Apple and companies that invest millions of dollars in identifying and exploiting vulnerabilities.

The most notorious of these is NSO, whose Pegasus software can access almost all personal data stored on an iPhone. The company pays out huge sums of money to hackers who discover vulnerabilities that can be used for zero-click exploits – where no user interaction is required by the target.

Simply receiving a particular iMessage message – without opening it or interacting with it in any way – can result in an iPhone being completely hacked, without the owner knowing.

The company sells its software to governments, including some with very poor human rights records. These governments often target opposition politicians, human rights activists, journalists and lawyers.

Apple detects attacks and warns victims

Apple is of course doing everything it can to close these vulnerabilities as quickly as possible once the company becomes aware of them, but that may take some time.

One of the measures the company is taking in the meantime is to try to detect when an iPhone has been hacked (without necessarily knowing how it happened) and alert victims.

The company initially described these attacks as state-sponsored, but changed the wording earlier this year and instead used the term “mercenary spyware attack.”

Final warning for ‘mercenary spyware attacks’

TechCrunch reports that Apple has just issued one of these warnings to suspected victims in a total of 98 countries.

“Apple has detected that you have been targeted by a spyware attack that attempts to remotely compromise the iPhone associated with your Apple ID -xxx-,” the company wrote in the alert to affected customers.

“This attack is likely specifically targeted at you because of who you are or what you do. While it’s never possible to be absolutely certain in detecting these types of attacks, Apple has a high level of confidence in this warning — please take it seriously,” Apple added in the text.

Victims are generally advised to use Lockdown mode.

Apple is careful not to reveal anything about How It detects when an iPhone has been compromised, but it is likely that iOS contains code that periodically checks the integrity of the security measures in place. If a device fails these checks, an alert is sent to Apple, which in turn alerts the phone’s owner.

This means that the company can detect that an iPhone has been compromised for it knows how this has been achieved.

Photo by Jason Leem on Unsplash

FTC: We use income generating automatic affiliate links. More.

Leave a Comment