Apple is alerting iPhone users in India and 91 other countries about a mercenary spyware attack that could remotely compromise their devices. These attacks, often state-sponsored and costly, target political activists, government officials, diplomats, and journalists. The purpose is to install malicious software for spying. Apple advises users to promptly install software updates and consider enabling Lockdown Mode. The origin of the latest attack is undisclosed, but Apple is using legal action against spyware makers like NSO Group, which it sued in November 2021.
Apple has warned users in India and 91 other countries about a "mercenary spyware attack" targeting their iPhones, stating that attackers attempted to remotely compromise the devices. These sophisticated attacks are rare and not attributed to any specific state-sponsored attacker. The company has been sending out similar threat notifications since 2021 and has notified users in over 150 countries to date.
Users of iPhones, iPads, Apple Watch, and Macs are being urged to update their devices immediately due to a sophisticated spyware attack uncovered by Citizen Lab and Google's Threat Analysis Group. The attack targeted an Egyptian pro-democracy politician using SMS and WhatsApp messages, infecting his phone with spyware through a malicious website. Apple has released emergency security updates addressing three critical vulnerabilities, urging users to update to iOS 17.0.1 or iOS 17.0.2 as soon as possible. The vulnerabilities, including a kernel vulnerability and certificate validation issue, have already been exploited. Lockdown Mode is recommended for users at risk.
