Apple this week has sent security alerts to high-risk individuals in 92 countries, advising them to take the warning seriously, as threat actors are actively targeting them with mercenary spyware.
“Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID -xxx-,” the tech giant wrote in the warning to affected customers, as seen by the news media.
The warning, sent via email and iMessage, urges recipients to take the matter seriously:
“This attack is likely targeting you specifically because of who you are or what you do. Although it’s never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning — please take it seriously,” Apple said.
Members of the media speculate that the spyware alerts arrive at a time when nations across the globe are preparing for elections, though Apple doesn’t specify why it’s issuing this particular warning.
“We are unable to provide more information about what caused us to send you this notification, as that may help mercenary spyware attackers adapt their behavior to evade detection in the future,” the notification reads.
Since 2021, the Mac maker has issued identical warnings several times a year as it has systematically detected and fought back against these attacks. To date, these notifications have been sent to customers in over 150 countries.
“The extreme cost, sophistication and worldwide nature of mercenary spyware attacks makes them some of the most advanced digital threats in existence today,” the company says in an updated support document which replaces the previously-used term “state-sponsored” with “mercenary.”
This is to highlight the seriousness of the attacks, as well as the potency of the malware involved.
“As a result, Apple does not attribute the attacks or resulting threat notifications to any specific attackers or geographical regions,” it notes.
However, Apple’s guidance does mention the infamous NSO Group, whose commercial monitoring tools have been caught up in countless surveillance scandals, many amid political disputes and conspiracies.
In 2021, Apple sued the Israeli spyware maker, accusing it of facilitating state-sponsored attacks on political activists, dissidents, free-speech advocates, and high-profile journalists.
Apple advises recipients to enable Lockdown Mode on their devices to reduce adversaries’ attack surface.
Mercenary spyware is used in precisely targeted campaigns, meaning the “vast majority of users will never be targeted by such attacks,” according to the updated support doc.
However, the Cupertino giant advises everyone using an Apple device, including regular netizens, to “continue to protect themselves from general cybercriminals and consumer malware by following best practices for security.” According to the behemoth, those practices include:
- Update devices to the latest software, as that includes the latest security fixes
- Protect devices with a passcode
- Use two-factor authentication and a strong password for Apple ID
- Install apps from the App Store
- Use strong and unique passwords online
- Don’t click on links or attachments from unknown senders
Apple in recent years has been increasingly sending out software updates, including out-of-band emergency patches, to close holes exploited by mercenary spyware operators.
Bitdefender strongly recommends users periodically install the latest software updates sent out by Apple as soon as they’re made available, as almost every release includes important amendments to the security of iOS and macOS.
As of the time of this reporting, the latest versions available are iOS 17.4.1 and macOS Sonoma 14.4.1.
It is unclear if spyware operators are actively exploiting newly found flaws in Apple software, or if they are merely attacking users wielding unpatched devices. If the company does push out new updates packed with fixes for actively exploited bugs in the coming days or weeks, it will likely add more context to this week’s dire warning.
For peace of mind, Bitdefender also recommends running a dedicated security solution on all your personal devices at all times.