Apple has messaged select iPhone users in 92 countries warning them that mercenary spyware attacks have targeted them. The alerts were sent out at 12 pm Pacific Time on Wednesday, April 10, although Apple has not confirmed the attacker's identities or in which countries users received notifications.
The message reads, “Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID -xxx-.” It also states, “This attack is likely targeting you specifically because of who you are or what you do. Although it’s never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning — please take it seriously.”
This is a familiar situation as Apple has sent out similar messages before, with the updated Apple support page stating that the company has sent similar messages to over 150 countries since 2021. The page then details what mercenary spyware entails and who is often the target of such attacks.
Who is being targeted and what to do
Apple's support page makes it clear that mercenary spyware attacks usually target a smaller group of individuals. As such, most users will never see such an attack and have little to worry about. According to public recordings from civil society organizations, technology firms and journalists, these complex attacks have historically been associated with state actors and often target journalists, activists, politicians and diplomats.
If you have found that you have been contacted Apple recommends "that you enlist expert help, such as the rapid-response emergency security assistance provided by the Digital Security Helpline at the non-profit Access Now. Apple threat notification recipients can contact the Digital Security Helpline 24 hours a day, 7 days a week through their website."
Apple also recommends users update their devices to the latest iOS, currently iOS 17.4, to benefit from the latest security patches and implement two-factor authentication for their Apple ID.
While it is true that very few people will ever be the victim of such a targeted attack it is important to protect your device as best you can. The average person should also keep on top of updating their device. It may also a good idea to look into getting a VPN to protect your online presence. We have a full list of the best VPN services to help you get started.