Apple is alerting users to a new instance of an identified mercenary spyware attack on the iPhone. Possible victims have been sent an email from Apple describing how the attack could “remotely compromise the iPhone”. Victims are being notified in India and 91 additional countries, via Reuters.
Mercenary attacks of this nature typically cost millions of dollars, and are often useless once discovered by security researchers and patched by iOS security updates. They are often believed to be state-sponsored, due to the high cost of development to craft such complex and sophisticated attacks. However, in a notable change of language, Apple no longer says this explicitly in its threat notifications.
Apple has sent out these alerts in waves since 2021, as new attacks have been discovered. They generally target people like political activists, government officials, diplomats and journalists.
In this latest case, it seems the purpose of the attack was to install malicious software on the user’s device in order to spy on user’s data and their whereabouts.
Obviously, Apple continuously works to patch and defend against all manners of iPhone security bugs. Users can proactively help to defend themselves, by installing the latest software updates promptly, and consider enabling Lockdown Mode, which disables some iPhone system features that are particularly prone to vulnerabilities.
The origin of this latest attack is currently not disclosed. In addition to technical patches, Apple is also using its legal might to go after some of these spyware maker.
Israel’s NSO Group is one of the most notorious makers of such spyware. In November 2021, Apple sued NSO Group for its role in conducting surveillance attacks on Apple users. The case is ongoing.
