Apple sent a fresh batch of threat notifications to users in 92 countries, including India, on April 10, warning them that they may have been individually targeted by a "mercenary spyware attack" attempting to remotely compromise their iPhone.
In the notification, a copy of which has been viewed by Moneycontrol, Apple notes that mercenary spyware attacks, such as those using Pegasus from the NSO Group, are exceptionally rare and vastly more sophisticated than regular cybercriminal activity or consumer malware.
"These attacks cost millions of dollars and are individually deployed against a very small number of people, but the targeting is ongoing and global...This attack is likely targeting you specifically because of who you are or what you do." it said.
"The extreme cost, sophistication, and worldwide nature makes mercenary spyware attacks some of the most advanced digital threats in existence today. As a result, Apple does not attribute the attacks or the notice you’re receiving to any specific attackers or geographical regions," the notification read.
Apple said it relies solely on "internal threat-intelligence information and investigations to detect such attacks".
"Although our investigations can never achieve absolute certainty, Apple threat notifications are high-confidence alerts that a user has been individually targeted by a mercenary spyware attack and should be taken very seriously" the company said on its website.
Since 2021, the iPhone maker has notified users in over 150 countries after the company started sending threat notifications to users. Apple declined to comment on this development to Moneycontrol.
The notification also outlines various steps and recommended actions for users affected by this spyware attack. This includes enabling lockdown mode, which the company claims offers the "strongest protection for users," updating their iPhone and other Apple devices to the latest software version, updating their messaging and cloud apps to the latest available versions, and enlisting expert help.
"Public reporting and research has shown that mercenary spyware attacks target users across modern computing platforms, including iOS and Safari as well as Google Android, Google Chrome, and Microsoft Windows, as well as a variety of messaging and cloud apps including iMessage and WhatsApp," the notification read.
"If your device is compromised by a targeted mercenary spyware attack, the attacker may be able to remotely access your sensitive data, communications, or even the camera and microphone," it added.
Apple has also updated the threat notification support page on its website, dropping the reference for attacks as 'state-sponsored', instead referring to them as 'mercenary spyware attacks'
"We are unable to provide information about what causes us to issue threat notifications, as that may help mercenary spyware attackers adapt their behaviour to evade detection in the future" the company said.
This move comes after the iPhone maker was caught in a political firestorm in India in October 2023.
Several politicians from opposition parties, including TMC's Mahua Moitra, Shiv Sena (UBT's) Priyanka Chaturvedi, Congress' Pawan Khera and Shashi Tharoor, AAP's Raghav Chadha, and CPIM's Sitaram Yechury, said that they had received notifications from Apple warning them that their devices were being targeted by state-sponsored attackers.
Observer Research Foundation (ORF) president Samir Saran, as well as journalists Siddharth Vardarajan and Sriram Karri, also said that they had received similar notifications from Apple.
On November 2, Moneycontrol reported that the Ministry of Electronics and Information Technology (MeitY) had sent a notice to Apple regarding threat notifications. IT secretary S Krishnan had also said that Indian Computer Emergency Response Team (CERT-IN) is investigating the matter.
Apple was also sending its technical and cybersecurity experts to the country to meet with officials investigating the matter, Moneycontrol reported on November 9.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
