Apple alerts users in 92 nations to mercenary spyware attacks
Apple sent threat notifications to iPhone users in 92 countries on Wednesday, warning them that they may have been targeted by mercenary spyware attacks.
The company said it sent the alerts to individuals in 92 nations at 12 p.m. Pacific Time Wednesday. The notification, which TechCrunch has seen, did not disclose the attackers' identities or the countries where users received notifications.
"Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID -xxx-," it wrote in the warning to affected customers.
"This attack is likely targeting you specifically because of who you are or what you do. Although it’s never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning — please take it seriously," Apple added in the text.
The iPhone maker sends these kind of notifications multiple times a year and has notified users to such threats in over 150 countries since 2021, per an updated Apple support page.
Apple also sent an identical warning to a number of journalists and politicians in India in October last year. Later, nonprofit advocacy group Amnesty International reported that it had found Israeli spyware maker NSO Group’s invasive spyware Pegasus on the iPhones of prominent journalists in India. (Users in India are among those who have received Apple's latest threat notifications, according to people familiar with the matter.)
The spyware alerts arrive at a time when many nations are preparing for elections. In recent months, many tech firms have cautioned about rising state-sponsored efforts to sway certain electoral outcomes. Apple's alerts, however, did not remark on their timing.
"We are unable to provide more information about what caused us to send you this notification, as that may help mercenary spyware attackers adapt their behavior to evade detection in the future," Apple told affected customers.
Apple previously described the attackers as "state-sponsored" but has replaced all such references with "mercenary spyware attacks."
The warning to customers adds: "Mercenary spyware attacks, such as those using Pegasus from the NSO Group, are exceptionally rare and vastly more sophisticated than regular cybercriminal activity or consumer malware."
Apple said it relies solely on "internal threat-intelligence information and investigations to detect such attacks."
"Although our investigations can never achieve absolute certainty, Apple threat notifications are high-confidence alerts that a user has been individually targeted by a mercenary spyware attack and should be taken very seriously," it added.