Apple is issuing warnings to iPhone users about potential “mercenary spyware attacks,” according to reports from antivirus software company MalwareBytes, human rights group Amnesty International, and cybersecurity research institution Citizen Lab. The messages, sent via Apple’s text message-based threat notification system, alert users that they are being targeted by spyware attempting to compromise their iPhones. While Apple has not publicly confirmed these messages, the alerts were reportedly sent to individuals in over 98 countries.
Amnesty International emphasized the seriousness of these attacks and urged targeted individuals who are members of civil society to contact the organization immediately. John Scott-Railton from Citizen Lab echoed this sentiment, advising recipients of the alerts to take them seriously and seek expert help, particularly if they are journalists, activists, or dissidents.
Apple’s warning message, as shared by Iltija Mufti, daughter and advisor to Mehbooba Mufti, leader of India’s Jammu and Kashmir Peoples Democratic Party, highlights the tech giant’s confidence in the threat detection. Apple’s bulletin from April suggests that those receiving such alerts are likely being targeted because of their identity and activities. The bulletin specifically mentions mercenary spyware like the NSO Group’s Pegasus program as being more sophisticated than typical cybercriminal activity.
The NSO Group has faced allegations that its Pegasus spyware was used to hack the cellphones of journalists, lawyers, human rights activists, and political activists in Jordan. Citizen Lab’s April report revealed that one target was successfully hacked on an iPhone, even after Apple sued NSO Group and notified Pegasus targets. NSO Group maintains that it only sells its software to vetted intelligence and law enforcement agencies for use against terrorists and serious criminals.
In addition to these spyware attacks, Symantec has warned of “smishing” attacks targeting Apple IDs through malicious SMS messages. Criminals seek to exploit Apple IDs for control over devices and access to personal and financial information. The reputation of Apple as a brand makes users more vulnerable to deceptive communications that appear to be from the company.
While Apple has not responded publicly to these reports, the alerts serve as a reminder of the ongoing threats posed by sophisticated spyware and the importance of taking cybersecurity seriously. As technology continues to advance, individuals and organizations must remain vigilant and seek expert assistance when faced with potential attacks.
