Apple is set to issue a warning to iPhone users in 92 countries, including India, that they could be victims of a mercenary spyware attack.
“This attack is likely targeting you specifically because of who you are or what you do. Although it’s never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning — please take it seriously," states a threat notification mail sent to some users, as cited by The Economic Times.
The threat notification emails sent around 12.30 am on April 11 said tools like the NSO Group's Pegasus spyware are targeting users globally.
In its support page, the Cupertino giant has published tips for iPhone users. “Apple threat notifications are designed to inform and assist users who may have been individually targeted by mercenary spyware attacks, likely because of who they are or what they do,” it stated.
Apple has not attributed the attacks to any Indian stakeholders. In October, the tech giant had similarly alerted Opposition leaders, including Congress MP Shashi Tharoor, AAP MP Raghav Chadha and Trinamool Congress MP Mahua Moitra, regarding potential state-sponsored spyware attack on iPhones.
What is mercenary spyware?
Mercenary spyware is designed to remotely infiltrate and compromise smartphones and other devices without the knowledge or consent of the users. These surveillance tools could be used to monitor movements and communications, steal private data, etc.
In some cases, governments, intelligence agencies, and law enforcement bodies have reportedly bought mercenary spyware wherein political opponents and activists are often targeted.
Examples of mercenary spyware
Companies producing mercenary spyware include the NSO Group, FinFisher, and Hacking Team. NSO Group's flagship spyware Pegasus, which has been bought by various governments, helps infiltrate devices remotely and access calls, emails, messages, and other files.
Finfisher's products like FinSpy can capture keystrokes and access data besides activating microphones and cameras without permission. The Hacking Team's Galileo aka Remote Control System (RCS) also can capture keystrokes and record video calls besides accessing the camera and microphone.
