iPhone users in 98 countries warned of “mercenary spyware attacks”

Apple has warned a significant number of iPhone users in 98 countries that they appear to be the target of “mercenary spyware attacks” that could compromise virtually all personal data on their devices.

The company says it can never be 100% sure of its conclusions, but is very confident that they are correct, and urges message recipients to take the security alert seriously…

iPhone spyware can completely compromise devices

Although iPhones are very secure, there is a constant cat-and-mouse battle between Apple and companies that invest millions of dollars in identifying and exploiting vulnerabilities.

The most notorious of these companies is NSO, whose Pegasus software has access to almost all of the personal data stored on an iPhone. The company pays huge sums of money to hackers who discover vulnerabilities that can be used for zero-click exploits – where the target requires no user interaction at all.

By simply receiving a specific iMessage – without opening it or interacting with it in any way – an iPhone can be completely compromised without the owner knowing.

The company sells the software to governments, including those with very poor human rights records. These governments often target opposition politicians, human rights activists, journalists and lawyers.

Apple detects attacks and warns victims

Of course, Apple is working hard to close these vulnerabilities as soon as they become known, but this may take some time.

One of the steps the company is taking in the meantime is to try to determine when an iPhone has been compromised (without necessarily knowing how this was achieved) and warn victims.

The company initially described these attacks as state-sponsored, but changed that wording earlier this year and used the term “mercenary spyware attack” instead.

Latest warning about “mercenary spyware attacks”

TechCrunch reports that Apple has just issued one of these warnings to suspected victims in a total of 98 countries.

“Apple has determined that you are the target of a high-margin spyware attack that attempts to remotely compromise the iPhone associated with your Apple ID -xxx-,” the company wrote in the warning to affected customers.

“This attack likely targets you specifically because of who you are or what you do. While it is never possible to achieve absolute certainty in detecting such attacks, Apple has high confidence in this warning – please take it seriously,” Apple added in the text.

Victims are usually advised to use lockdown mode.

Apple reveals nothing about How It detects when an iPhone has been compromised, but iOS probably contains code that regularly checks the integrity of the protections in place. If a device fails these checks, an alert is sent to Apple, which in turn notifies the phone’s owner.

This means the company can detect whether an iPhone has been compromised Before it is known how this was achieved.

Photo by Jason Leem on Unsplash