Apple sent threat notifications to its users in 92 countries, warning them that they could be targeted by paid spyware attacks. The company sends them via email and iMessage using contact information associated with users’ Apple ID. Additionally, if users sign in to appleid.apple.com, a notification appears at the top of the page.
Apple Sent Notification to Warn of Paid Spyware Attack
“Apple has detected that you have been targeted by a paid spyware attack that attempts to remotely compromise the iPhone associated with your Apple ID -xxx-,” Apple wrote in the alert sent to affected customers. We cannot provide further information about what has caused us to send you this notice; because this could help paid spyware attackers adapt their behavior to avoid detection in the future.” includes the following statements.
The warning also states, “This attack is likely targeting you specifically because of who you are or what you do.” While it is never possible to achieve absolute certainty when detecting such attacks, Apple’s confidence in this alert is high; “Please take this seriously.”
Apple has an updated in support document, says that it has sent similar threat notifications to users in more than 150 countries since 2021 and adds: “The extremely high cost, complexity and worldwide validity of paid spyware attacks make these attacks one of the most advanced digital threats existing today. As a result, Apple does not attribute attacks or threat notifications sent as a result of attacks to specific attackers or geographic regions.”
The warnings come at a time when many countries are preparing for democratic elections. Apple had previously described the attackers as “state-sponsored” in its support document, but replaced those references with “paid spyware attacks.” The warning says: “According to publicly available reporting and research by nongovernmental organizations, technology firms, and journalists, these extraordinarily costly and sophisticated individually targeted attacks have historically been exploited by private companies, such as NSO Group’s Pegasus, that develop paid spyware on their behalf.” has been associated with state-sponsored attackers such as
Apple advises people who receive threat reports to seek expert assistance, such as rapid response emergency security assistance provided by the Digital Security Helpline at the nonprofit Access Now. Recipients of Apple threat reports can contact the Digital Security Helpline 24 hours a day, seven days a week, via their website.
Users who have not received threat notifications from Apple but have good reason to believe they may be individually targeted by paid spyware attacks are also advised to enable Lockdown Mode on their devices for additional protection.
