Apple warns iPhone users in India, 91 other countries of ‘mercenary spyware’ attack

Some iPhone users in India have been warned by Apple that their instruments have been potentially attacked by “mercenary spyware”, which includes the Israeli Pegasus malware.

Emails notifying the threat were sent out on Thursday (April 11) to the impacted users in India as well as people in 91 other countries. But Apple did not attribute the latest attacks to any stakeholder.

Apple warning

“Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID -xxx-,” the notification read.

“This attack is likely targeting you specifically because of who you are or what you do. Although it’s never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning — please take it seriously.”

It went on: “Mercenary spyware attacks, such as those using Pegasus from the NSO Group, are exceptionally rare and vastly more sophisticated than regular cybercriminal activity or consumer malware. These attacks cost millions of dollars and are individually deployed against a very small number of people, but the targeting is ongoing and global,” Apple said.

High cost

The company advised users to be cautious with all links they receive, and not to open links or attachments from unexpected or unknown senders.

Apple also said that the extreme cost, sophistication and worldwide nature makes mercenary spyware attacks some of the most advanced digital threats in existence.

“Public reporting and research have shown that mercenary spyware attacks target users across modern computing platforms, including iOS and Safari as well as Google Android, Google Chrome, and Microsoft Windows, as well as a variety of messaging and cloud apps including iMessage and WhatsApp. These attacks are very well funded and are constantly evolving,” the notification said.

To avoid detection

The company said it was unable to provide more information about what caused it to send the threat notification as that could help mercenary spyware attackers “adapt their behaviour to evade detection in the future”.

Apple has also updated its support page to provide tips for users who may have been targeted by mercenary spyware.

In October last year, Apple sent a similar notification to some Opposition leaders including Shashi Tharoor of the Congress, Raghav Chadha of AAP and Mahua Moitra of Trinamool Congress. They were warned about a “potential state-sponsored spyware attack” on their iPhones.

Pegasus controversy

Later, following pressure from the government, the company clarified that it “does not attribute the threat notifications to any specific state-sponsored attacker”.

Apple began sending these threat notifications in 2021. Last year, at least 20 Indians with iPhones received them.

The Pegasus controversy had broken out in India following media reports of alleged illegal use of the software to tap the phones of some activists, journalists and politicians.