Apple has issued a new spyware warning to iPhone users in 92 countries, after it revealed they had been targeted. Apple users were warned of the attacks in an email notification seen by Reuters.
In India and 91 other countries, victims of spyware attacks were notified that adversaries had attempted to “remotely compromise an iPhone.”
Apple has issued a new spyware warning to iPhone users in 92 countries, after discovering they were … [+]
“Apple has discovered that you are the target of a mercenary spyware attack that is attempting to remotely compromise the iPhone associated with your Apple ID -xxx-,” the warning said.
“This attack is probably aimed at you because of who you are or what you do. While it is never possible to achieve absolute certainty in detecting such attacks, Apple has great confidence in this warning – please take it seriously.”
A new iPhone attack apparently aimed to install malware on the device to spy on users’ data and location. Apple has already sent these emails, with multiple warnings in more than 150 countries since 2021, according to an email sent by the iPhone maker.
Apple did not disclose where the attack came from, but spyware attacks are typical of nation-state actors. In 2021, Apple sued the Israeli company NSO Group for its role in attacks on iPhone users.
Why Apple is releasing regulatory updates for the iPhone
Over the past few years, Apple has released an increasing number of iOS updates to address loopholes that could be used for spyware attacks. Some of these come as emergency security updates, especially when the iPhone’s flaw is already being used in attacks.
Spyware attacks are scary because the malware can be delivered in a so-called no-click attack that requires no interaction from the iPhone user. One example is a malicious image that can be sent via iMessage or WhatsApp.
If iPhone spyware attacks like these are successful, they allow adversaries to completely take over the device. Attackers can eavesdrop on calls, read emails—and even access apps like WhatsApp and Signal, because they can see everything on your iPhone’s screen.
New iPhone spyware warning — what to do
This might sound alarming, but spyware attacks only target a specific subset of users, typically journalists, dissidents, government officials, and companies operating in specific sectors. If this applies to you, Apple has introduced Lockdown Mode for use on your iPhone. It does reduce the functionality of your iPhone, but it’s worth it if you fall into this group and may be at risk.
“These are likely to be highly targeted attacks, targeting specific people, so ordinary iPhone users have nothing to worry about,” says Sean Wright, head of application security at Featurespace.
Nevertheless, it recommends that all iPhone users apply security best practices. “Make sure you’ve applied the latest update, only install apps from trusted sources, and apply some controls to those apps – such as permission review.”
Other tools like VPNs “may have limited benefit,” Wright says. “This will largely depend on where the attack is coming from and how the new spyware works, for example whether it deletes data before network traffic is sent and received.”
Signs that your iPhone may have been targeted by spyware include the device slowing down, the battery draining quickly, or overheating. If you find that this is happening to your iPhone, in some cases turning it off can temporarily disrupt the malware.
If you have received an alert from Apple, you can contact the human rights organization Amnesty International’s Security Lab, which offers digital forensic support to vulnerable human rights defenders, activists, journalists and members of civil society.
“If you are a member of civil society and have received a notification from Apple, you can contact us and request forensic support via our help form,” reads a notice on Amnesty International’s website.
In general, every iPhone user should make sure their iOS software is up-to-date—the latest version is iOS 17.4.1. Apple could also release a new iOS update to patch the holes used in this latest spyware attack, or the iPhone maker may have already patched it.