A terrifying and extremely advanced cyberattack has impacted iPhone users from at least 92 countries, including India, Reuters reported.
Parent company Apple warned targeted users in an email that hackers aimed to “remotely compromise the iPhone” and updated its guidance about these cases of highly sophisticated device infiltration Wednesday.
Called “mercenary attacks,” they actually don’t hone in on average users to lift a bank account number or other personal information. Everyday people typically are never a target at all even.
Instead, they commonly target high-profile individuals — “likely because of who they are or what they do” — in small numbers.
They typically include politicians, diplomats, journalists and activists, according to Apple.
“The extreme cost, sophistication and worldwide nature of mercenary spyware attacks makes them some of the most advanced digital threats in existence today,” Apple wrote in its new guidance.
“Such attacks are vastly more complex than regular cybercriminal activity and consumer malware, as mercenary spyware attackers apply exceptional resources to target a very small number of specific individuals and their devices.”
“Mercenary spyware attacks are exceptionally well funded and they evolve over time.”
While the latest warning removes the term “state-sponsored” — Reuters reported that Apple came under fire last fall over an incident with the Indian government and its opposition leaders — the tech giant still notes these attacks “have historically been associated with state actors.”
Other times, a proxy can be used on a nation’s behalf.
Since 2021, users in at least 150 nations have been warned by Apple that their devices might have been impacted by the “exceptionally well funded” attacks that have been improving and evolving over time.
If affected, a “Threat Notification” will appear online at the top of an Apple webpage after users sign in with their Apple ID through appleid.apple.com.
Apple will then send both an email and iMessage ping to the user’s phone and associated email address.
Source