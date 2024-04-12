



Apple sent an iPhone security alert to people in 92 countries on Wednesday, warning them that their iPhones have been remotely targeted in a spyware attack by mercenaries.

“We have detected that you are the target of a mercenary spyware attack,” the company said in a threat notification email seen by CNET. “This attack may be specifically targeting you because of who you are or what you do.”

Compared to cybercrime and consumer malware, mercenary attacks stand out due to their rarity and complexity. These carefully orchestrated attacks cost millions of dollars and are concentrated by a small number of people. The company said in an email that this targeting is ongoing and global.

“If a device is compromised by a targeted mercenary spyware attack, an attacker could potentially gain remote access to sensitive data, communications, and even cameras and microphones,” the threat notification email said.

The news was first reported by the Indian economic newspaper Economic Times, which reported that India was also one of the affected countries. It's unclear whether U.S. iPhone owners were targeted. An Apple spokesperson had no comment beyond what was shared in the notification email.

In a help page published Wednesday, the company offered advice on what to do if you receive a threat notification.

“We strongly encourage you to seek professional help, including the rapid emergency security assistance provided by the nonprofit Access Now Digital Security Helpline,” Apple said in a statement. “A recipient of Apple's threat notifications can contact the Digital Security Helpline 24 hours a day, 7 days a week through the website.”

The company also mentioned Pegasus, a sophisticated spyware developed by Israel's NSO Group, in notifying people of the latest mercenary attacks.

In November 2021, Apple filed a lawsuit against NSO Group, holding it accountable for using Pegasus to monitor and target Apple users. This spyware has previously infected victims' devices, including iPhones, without informing users. Since 2016, cyber watchdogs have discovered several instances in which Pegasus has been used by various organizations to monitor journalists, lawyers, political dissidents, and human rights activists.

