Apple Warns Users in 150 Countries of Mercenary Spyware Attacks

Apple this week updated its spyware threat notification system to alert and assist users it identifies as targeted by mercenary spyware attacks.

To date, Apple has spotted and alerted users in more than 150 countries that they were targeted in these attacks.

Such spyware attacks target individuals largely because of who they are and what they do, Apple said. While most people will never be targeted by these types of attacks, a small number of people — journalists, activists, politicians, and the like — will potentially be victimized. 

Apple said once it detects spyware it notifies the user within two days. The vendor does provide threat actor attribution, however.

In its notice, Apple pointed fingers at the NSO Group, one of the private companies that develops the mercenary spyware Pegasus that is used in such attacks. "According to public reporting and research by civil society organizations, technology firms, and journalists, individually targeted attacks of such exceptional cost and complexity have historically been associated with state actors, including private companies," stated the notice on Apple's support page. 

Should an individual receive a threat notification, Apple recommends that they seek the help of either Apple or a third party. Apple's notifications never ask the user to click on any link or install an application; the threat notification can be verified simply by signing into applied.apple.com, where the notification will be at the top of the page.