Apple Warns Users in 98 Countries of Potential 'Employed Spyware' Attacks
TapTechNews July 11th news, Apple has recently warned a large number of iPhone users in 98 countries around the world that they may be the targets of an "employed spyware" attack, and this attack method can almost steal all personal data on the device.
Although Apple said it cannot be 100% sure of its judgment, they are very confident in the detection results and urge the users who received the warning to take this security reminder seriously.
According to TapTechNews' understanding, although the iPhone has high security, but there is always a cat-and-mouse game-like rivalry between Apple and the companies that invest heavily in finding and exploiting system vulnerabilities. One of the most notorious is the NSO Group and its Pegasus software, which can obtain almost all the personal data stored on the iPhone. The NSO pays high fees to hackers who find vulnerabilities, and these vulnerabilities can be used for zero-click attacks that can invade devices without any interaction operation of the target user.
Just by receiving a specific iMessage message (without opening or having any interaction), the attacker can completely control an iPhone without the user's complete knowledge.
Of course, once Apple discovers a vulnerability, it will try to fix it, but this process may take some time. During this period, they will take some measures, such as trying to detect whether the iPhone has been invaded (not necessarily knowing the specific invasion method), and then remind the victim. For example, Apple once warned a Polish prosecutor that her iPhone might be invaded by Pegasus software.
Apple initially called such attacks "state-sponsored attacks", but changed the wording to "employed spyware attacks" earlier this year.
According to TechCrunch, Apple has just sent out one of such warnings to potential victims in 98 countries. "Apple detected that the iPhone associated with your AppleID (-xxx-) is being subjected to an employed spyware attack that attempts to remotely control your device," Apple wrote in the warning message.
"This attack is most likely aimed at your identity or the work you do. Although it is impossible to be absolutely accurate when detecting such attacks, Apple is very confident in this warning. Please take it seriously," Apple added in the message.
The victim usually receives the advice of enabling the "lockdown mode".
Apple will not disclose the specific method of detecting the iPhone being invaded, but the iOS system probably contains code for regularly checking the integrity of existing protection measures. When the device fails these checks, the system will send an alert to Apple, and then Apple will notify the owner of the phone again. This means that Apple can detect that the iPhone has been invaded even without knowing the invasion method.