What is "mercenary spyware" that's targeting iPhone users? Should you be worried?

Apple recently sent threat notifications to iPhone users in India and 91 other countries, alerting them of potential attacks by "mercenary spyware," including the infamous Pegasus malware.

These emails, received around midnight on April 11,  warned users that their iPhones may be targeted "because of who you are or what you do".

Who is behind these attacks?

The notification itself doesn't identify the attackers. However, it describes these attacks as "exceptionally rare" and "vastly more sophisticated" than typical cybercrime.

They target a very limited number of individuals and are believed to be ongoing globally. This information suggests a state-sponsored or highly coordinated effort.

Similar notifications in the past

This isn't the first time Apple has issued such warnings. In October 2023, they sent similar alerts regarding "state-sponsored attackers" attempting to compromise iPhones.

Notably, these notifications coincided with reports of spyware targeting Indian opposition politicians and journalists.

However, Apple later clarified that they don't attribute specific attackers to these threats.

How does Apple detect these attacks?

Since late 2021, Apple has employed automated systems to detect suspicious activity on iPhones.

These systems identify patterns consistent with targeted attacks and trigger email and iMessage notifications to affected users.

However, Apple reserves the details of these patterns to prevent attackers from adapting their methods.

What should you do if you receive a notification?

Apple's notifications come with security recommendations. These include:

1. Updating to the latest iOS version.
2. Setting a strong passcode and enabling two-factor authentication for your Apple ID.
3. Downloading apps only from the App Store and using unique passwords for each online account.
4. Avoiding clicking on unknown links or attachments.
5. For even stronger protection, Apple suggests activating
6. Lockdown Mode, a recent feature designed for situations like this. Lockdown Mode restricts certain functionalities, such as message attachments and link previews, to prevent attackers from exploiting them. This mode is only available on devices running iOS 16 or later.

The importance of staying vigilant

While these targeted attacks are rare, they highlight the importance of digital hygiene.

By following Apple's security recommendations and staying updated on potential threats, iPhone users can significantly reduce their risk of being compromised.

Also watch: Used parts to be eligible for iPhone repairs