Apple has recently (10th July 2024) issued notifications to certain iPhone users in 98 countries worldwide, including India regarding a potential series of advanced spyware attacks.
The warning highlighted the seriousness of these attacks which may be targeted at gaining remote access to iPhone users' devices.
"Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID -xxx-" the company is reported to have stated.
The details:
According to reports, the company's notification to users also stated "This attack is likely targeting you specifically because of who you are or what you do. Although it's never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning — please take it seriously."
The user alert mentioned that "Mercenary spyware attacks, such as those using Pegasus from the NSO Group, are exceptionally rare and vastly more sophisticated than regular cybercriminal activity or consumer malware. These attacks cost millions of dollars and are individually deployed against a very small number of people, but the targeting is ongoing and global."
An official statement is yet to be released on the matter by Apple.
In April this year, Apple issued similar notifications in 92 countries including India for potential attacks by "mercenary spyware."
The risks:
According to Amnesty International "Spyware is a type of malicious software used for surveillance purposes. It interferes with a device's normal operation to secretly collect information from a device without alerting the user."
Cert-In is the nodal agency to deal with cyber security incidents in India. It has been reported that Cert-In had earlier identified weaknesses in Apple's OS, like its Safari browser. The agency is also reported to have flagged "potential risks associated with older versions of Safari and iOS, which could potentially allow malicious actors to execute unauthorized code on targeted devices."