Apple is likely to soon announce to its users in India and 91 other countries that they may have been victims of an attempted “mercenary spyware” attack in which someone tried to unlawfully access their devices, according to a report in The Indian Express (I.E).
The threat email sent by Apple stated: “Mercenary spyware attacks, such as those using NSO Group’s Pegasus, are exceptionally rare and far more sophisticated than regular cybercriminal activity or consumer malware.”
According to the IE report, Apple discovered that the user was “the target of a mercenary spyware attack that attempts to remotely compromise the iPhone” associated with a particular Apple ID.
The threat notice further read: “This attack is likely to target you specifically because of who you are or what you do. While it is never possible to have absolute certainty in detecting such attacks, Apple is very confident in this warning – please take it seriously. “
On Wednesday, Apple updated its support page with tips for users who may have been targeted by the mercenary spyware attack. The updated support page said: “Apple Threat Alerts are intended to inform and assist users who may have been individually targeted by mercenary spyware attacks, likely because of who they are or what they do.”
Since last year, this is the second threat notification sent to Apple users around the world. In October 2023, Apple had sent a similar notification to users in several countries, including India, warning them of a “state-sponsored” attack on their devices. In the threat reports, Apple had said that users facing such attacks are “individually targeted because of who they are or what they do.”
Apple had said: “Unlike traditional cybercriminals, state-sponsored attackers use exceptional tools to target a very small number of specific individuals and their devices, making these attacks much more difficult to detect and prevent.”
According to the company, these threat notifications have been sent to Apple users in more than 150 countries since 2021. Apple also denies providing more details about the possible attackers, saying this could help the attackers adjust their behavior to evade detection in the future.
Before 2021, Apple and Google used to provide alert notifications to users around the world, including those in India, notifying them of possible remote compromises on their devices due to an attack using Pegasus, a spyware developed by Israeli company NSO.
First print: April 11, 2024 | 10:20 am IST