Apple on Wednesday sent threat notifications to users in 92 countries warning that they may have been targeted by mercenary spyware attacks, likely because of who they are or what they do.
According to TechCrunch, Apple sent the alerts to the individuals at 12 p.m. Pacific Time, delivered via email and iMessage using the contact details associated with the user's Apple ID. A notification also appears at the top of the page if the user signs into appleid.apple.com.
"Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID -xxx-," the company wrote in the warning to affected customers. "We are unable to provide more information about what caused us to send you this notification, as that may help mercenary spyware attackers adapt their behavior to evade detection in the future."
"This attack is likely targeting you specifically because of who you are or what you do. Although it's never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning — please take it seriously," added the warning.
In an updated support document, Apple said it has sent similar threat notifications to users in over 150 countries since 2021. "The extreme cost, sophistication, and worldwide nature of mercenary spyware attacks makes them some of the most advanced digital threats in existence today," said the company. "As a result, Apple does not attribute the attacks or resulting threat notifications to any specific attackers or geographical regions."
Last October, Apple sent similar warnings to some journalists and politicians in India. Soon after, nonprofit advocacy group Amnesty International reported that it had found Israeli cyber-arms company NSO Group's invasive spyware Pegasus on the iPhones of prominent journalists in India. Users in India are among those who received the latest threat notifications, according to people familiar with the matter who spoke to TechCrunch.
The alerts come at a time when many nations are preparing for democratic elections. Apple previously described the attackers as "state-sponsored" in the support document, but has replaced those references with "mercenary spyware attacks." The warning to customers reads: "Mercenary spyware attacks, such as those using Pegasus from the NSO Group, are exceptionally rare and vastly more sophisticated than regular cybercriminal activity or consumer malware."
Apple advises those who have received a threat notification to seek expert help, such as the rapid-response emergency security assistance provided by the Digital Security Helpline at the nonprofit Access Now. Apple threat notification recipients can contact the Digital Security Helpline 24 hours a day, seven days a week through their website.
Users who have not received an Apple threat notification but have good reason to believe they may be individually targeted by mercenary spyware attacks are advised to enable Lockdown Mode on their devices for additional protection.
