Saturday, May 18 2024

An overview of what is going on

Apple has recently issued an urgent warning to iPhone users across 92 countries, alerting them to the threat of highly sophisticated “mercenary spyware” attacks. This alert marks a concerning escalation in cyber threats, shifting from what Apple previously described as “state-sponsored” attacks to those orchestrated by private entities with advanced capabilities, potentially backed by state actors.

Understanding Mercenary Spyware

Mercenary spyware refers to malware developed by private companies that sell these tools to the highest bidder, often including governments. These tools are capable of deeply intrusive surveillance, with the ability to access messages, emails, and even turn on cameras and microphones without the user’s knowledge. The attacks have been linked to well-known spyware like Pegasus from the NSO Group, which has been previously implicated in various global surveillance scandals.

Why This Warning Matters

Apple’s recent notifications did not specify the perpetrators behind these attacks but highlighted their advanced nature and potential links to state actors. The timing of the alerts coincides with upcoming elections in various countries, pointing to a potential increase in cyber espionage activities. Apple emphasises the rarity but high sophistication of these attacks, suggesting they are targeted specifically at individuals based on their roles or activities, such as politicians, journalists, and activists.

Apple’s Response

In response to these threats, Apple has taken several steps:

  • Notifications: Affected users receive alerts through their Apple ID page and via email and iMessage, warning them of potential compromises.
  • Lockdown Mode: Introduced as a new security feature, Lockdown Mode offers extreme protection by limiting certain functionalities of the device to reduce its susceptibility to these attacks. This mode blocks most message attachments and disables features like link previews and complex web technologies that could be exploited.
  • Cybersecurity Grants: Apple has committed $10 million to support research and advocacy to expose and combat the threats posed by mercenary spyware.

Protective Measures for Users

Apple advises all users, whether or not they have received a notification, to adopt stringent security measures to safeguard their devices:

  • Update Regularly: Always keep your device updated to the latest iOS version to ensure you have the newest security patches.
  • Enable Lockdown Mode: For those who suspect they might be targeted, enabling Lockdown Mode can provide robust protection.
  • Strong Authentication Practices: Use strong, unique passwords for your Apple ID and enable two-factor authentication.
  • Vigilance with Links and Downloads: Avoid clicking on links or downloading attachments from unknown sources.


The rise of mercenary spyware represents a significant evolution in cyber threats, with private companies capable of executing attacks previously thought to be the domain of nation-states. Apple’s proactive stance in alerting its users and providing enhanced security options is crucial in combating these sophisticated threats. Users are urged to take these warnings seriously and adopt the recommended security practices to protect their digital lives.

This situation is a stark reminder of the growing complexity and dangers of the digital world, highlighting the need for robust cybersecurity measures at individual and systemic levels.

Discover more from Digital Forensics Magazine

Subscribe now to keep reading and get access to the full archive.

Continue reading