Apple has issued a new threat warning to iPhone users in 98 countries about the possibility of Pegasus spyware running on their phones. This is the second such notification campaign the tech giant has launched this year, following a similar campaign in April that reached users in 92 countries. According to a support document posted on Apple's website, the company has been releasing these notifications periodically since 2021, resonating with users in more than 150 countries. The latest warning, sent on July 10, did not identify the attackers or the countries that received the alert. Those details remained part of a nuanced mix of information. The notification sent to the touched customers said: “Apple found that you are aimed at the attack of the hired spy program, which is trying to remotely jeopardize the iPhone related to your Apple ID.” The company emphasized the target character of these attacks, noting: "This attack is probably aimed at you specifically from the one who you are or what you are doing." Despite the vague uncertainty in the prevention of attacks of national states, Apple emphasized the critical importance of listening to such reports.
PEGASUS, which Apple calls as a soldier spy software used by governments for aiming on people, such as journalists and political activists, through Hackers of the Mercenary, was created by the Israeli company NSO Group. It is perhaps the most advanced and invasive spyware ever found in the wild because it can exploit zero-day vulnerabilities on mobile devices.
Reports indicate that users in India are among those who have received Apple’s latest threat notifications. This follows a similar incident in October when Apple sent warnings to several journalists and politicians in the country. Subsequently, Amnesty International, a prominent human rights advocacy group, reported discovering the presence of Pegasus on the iPhones of notable Indian journalists. In its communications with affected users, Apple has emphasized the confidentiality of its threat detection methods. The company warned that releasing more details could allow attackers to evade detection in the future, and emphasized the delicate balance between informing users and maintaining effective security measures. It is worth noting that Apple has significantly changed its terminology since last year, preferring to describe these incidents as "espionage-for-hire attacks" rather than the term "nation-state attacks" used previously. This change in wording likely reflects an evolving understanding and classification of these security threats. Apple has stated that it relies exclusively on “internal threat-intelligence information and investigations to detect such attacks,” highlighting the company’s commitment to user privacy and security.
Regardless of whether users have received a notification, all iPhone users are advised to take several precautionary measures:
- Prevention of reception from unknown contact information from contact information
- Restrictions on specific Web technology and visualization functions
- Except for the location of the general photo and the data on the deletion of the general album
- Block wired connection when blocking the device
- Prevention of dangerous network automatic goals
- Block invitations from new contacts
- Restrictions on installation of configuration profiles often used in work and schools
Users can perform these steps to activate the iPhone or iPad lock mode.
- Open the setting application
- Move to confidentiality and security
- Scroll down and select lock mode
- Click "Turn on Lock mode"
- Display the result of the function and click "Light the Locking Mode" to confirm.
- Select "Light and Restart" and enter the passive code for the device.