[ad_1]
Apple has issued a threat notification to users in about 92 countries, warning them of a possible spyware attack by a mercenary group that could lead to iPhone hacking.
The iPhone maker said the choice of a particular victim for attack likely depends on who they are or what they are doing.
The company said the threat notifications are “high-confidence warnings” that users have been singled out by a mercenary spyware attack and should be taken very seriously.
The National Review Apple’s latest alerts and investigate the severity of the attack.
What does Apple’s warning say?
In its warning, Apple specifically stated that this mercenary spyware attack attempts to remotely compromise victims’ iPhones.
However, Apple did not reveal many details because it could alert the perpetrators and change the nature of the attack.
“We cannot provide any further information about what caused this notification to be sent, as it could help mercenary spyware attackers adapt their behavior to avoid detection in the future,” Apple said in a statement. ”.
“While Apple has not disclosed many details about the attack, we believe this targeted breach is an identity-based attack designed to steal credentials and further lateral movement of users into the electronic ecosystem. It makes sense,” said Maury Haber, chief security advisor for the technology company. BeyondTrust said National.
“The initial stage of such attacks is usually so personal that the victim is easily persuaded to believe it and attack out of fear, despair, or other emotions based on its content. Masu.”
Why are mercenary spyware attacks so difficult to detect?
Cyber experts say mercenary spyware attacks are typically backed by large sums of money and continue to evolve over time, making it difficult for security personnel to detect them in their early stages.
In this case, the Cupertino-based company relied solely on internal threat intelligence information and research to detect such attacks.
The company said these attacks are more complex than typical cybercriminal activity or consumer malware. Attackers use high-end technology and resources to target a small number of specific individuals and their devices rather than launching large-scale attacks.
“Mercenary spyware attacks cost millions of dollars and often have a short shelf life, making them extremely difficult to detect and prevent,” Apple said.
Who are the potential victims?
Apple said mercenary spyware attacks often target selected high-profile individuals such as journalists, activists, politicians, and diplomats. These are organized by a variety of organizations, including private companies that develop mercenary spyware on their behalf.
In its detailed threat update, Apple cited the example of Israeli cyber intelligence company NSO Group, which developed Pegasus spyware to monitor mobile phones and collect data.
Since 2021, Apple has sent these threat notifications multiple times a year, notifying users in more than 150 countries. However, he refrained from attributing these to specific national actors or regions.
“Mercenary spyware attacks are extremely costly, sophisticated, and global, making them some of the most sophisticated digital threats in existence today. As a result, Apple We do not attribute this to any specific attacker or geographic region.”
How does Apple provide information to its users?
Affected users will be notified via email or iMessage with details linked to their Apple ID. A notification also appears at the top of the page after the user signs in to her appleid.apple.com.
The notification also includes additional steps that the notified user can take to protect their device, such as enabling lockdown mode.
What to do if you receive an Apple threat notification
Apple encouraged victims to immediately contact security experts at the nonprofit organization Access Now’s Digital Security Helpline. He can be contacted 24/7 through the website.
The external organization does not have information about what caused Apple to send the threat notification, but the company said it can provide security advice tailored to targeted users.
Why Apple removed “state-sponsored” for “mercenary spyware attack”
Previously referred to as “state-sponsored,” Apple is now replacing all such references with “mercenary spyware attack” when describing the perpetrators.
According to Reuters, Apple removed the term state-sponsored after coming under repeated pressure from the Indian government to link these breaches to state actors.
Opposition leaders in India have accused Prime Minister Narendra Modi’s government of trying to hack into mobile phones, following an October message from Apple warning of “state-sponsored” attacks.
Why do criminals target mobile devices?
Industry analysts say mobile devices are one of the most vulnerable targets for attackers targeting high-profile individuals.
Scott Cabeza, a staff research engineer at cybersecurity firm Tenable, said Apple’s latest move to notify users that their device may have been targeted is concerning, but it’s possible they could be affected. He said it was heartening to see steps being taken to protect sexual individuals. National.
“Mobile device exploits can yield millions of dollars in profits. With millions of dollars being spent, one thing is certain: data is key, and attackers, including nation states, are Invest heavily in exploits that can be used against highly targeted targets and individuals.
Tips for everyone to protect their iPhone
- Update your device to the latest software as it includes the latest security fixes.
- Protect your device with a passcode
- Use two-factor authentication and strong passwords for your Apple ID
- Install apps only from the App Store
- Use strong and unique passwords online
- Don’t click on links or attachments from unknown senders
Updated: April 12, 2024, 9:49 a.m.
[ad_2]
Source link
