The main targets of these attacks typically include journalists, activists, politicians and diplomats due to their roles or the confidential information they may possess.
Apple has notified iPhone users in 92 countries about a “mercenary spyware attack” attempting to remotely compromise their devices. In an example notification shared with the website BleepingComputer, the company asks recipients who received the message via email and iMessage to take the alert seriously.
To protect yourself against attacks, Apple recommends a set of immediate actions that include enabling lock mode on your device, updating your iPhone and any other Apple products to the latest software version, and seeking expert assistance, such as from Digital Security. Helpline, a non-profit company that provides free technical support to journalists, activists and human rights defenders.
When describing mercenary spyware attacks, the notification highlights NSO Group’s Pegasus kit and says they are exceptionally well-funded, sophisticated and target a very small number of individuals. Apple also updated its spyware protection support page on Thursday, replacing the term “state-sponsored” with “mercenary spyware,” noting that these attacks are ongoing and global and sometimes involve private companies that develop espionage tools for state actors.
The main targets of these attacks typically include journalists, activists, politicians and diplomats due to their roles or the confidential information they may possess. Despite the sophistication of these attacks, Apple assures users that it is doing everything in its power to detect them, alert them, and help them take necessary action.
The actions Apple recommends people take are as follows:
• Contact the digital security hotline at Access Now for emergency security help and advice.
• Activate “Lockdown” mode for additional protection against spyware, significantly reducing the attack surface.
• Update messaging and cloud apps to the latest available versions.
• Update all other Apple devices (Mac, iPad) you use and enable “Lockdown” mode on them as well.
• Follow general best practices, such as applying the latest updates, using passwords, enabling two-factor authentication, downloading apps only from the App Store, using strong and unique passwords, and avoiding opening suspicious links or attachments.
Apple cannot detect all spyware attacks, so users who suspect they are being targeted are advised to activate “Lockdown” mode, even if they have not received notifications from the company.
Source: CisoAdvisor