Yesterday, TechCrunch reported that Apple began sending out notices to iPhone users that they may have been victims of a “mercenary spyware attack.” The alert from Apple added, “This attack is likely targeting you specifically because of who you are or what you do. Although it’s never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning — please take it seriously.” The last portion of that note is based on the fact that Apple relies on internal threat intelligence and investigations to determine whether an attack targeted an individual.
Beyond this, the language of these messages has also seemingly changed over time. They were formerly attributed to nation-states with “state-sponsored” labels. This has been replaced with “mercenary spyware attacks” in reference to Pegasus from the NSO Group, which is a more accurate description of the attacks. Reuters reports that this is thanks to discussions with Indian officials who raised concerns about the language after political opposition used the original alerts to claim that the Indian government was breaching their phones.
Regardless of the alert’s language, if you received this notification, Apple has a few recommendations for you, including updating your devices to the latest software, enabling passcodes, using two-factor authentication, and using strong and unique passwords. If you also feel you might be at risk of being attacked, it could be worth enabling Apple’s Lockdown Mode on your devices. While this is a fairly extreme step, it can protect you from the mercenary spyware that Apple is notifying its users about.