Apple strengthens spyware alerts for mercenary attacks


Apple has updated its documentation for its mercenary spyware threat alert system, now clarifying that it alerts users when they may have been individually targeted by such attacks.

The review highlights companies like NSO Group, known for developing surveillance tools like Pegasus, which state actors often use for targeted attacks against individuals such as journalists, activists, politicians and diplomats.

In a blog post published Wednesday, Apple highlighted the global and sophisticated nature of these costly and complex attacks.

The update marks a shift in wording from informing and assisting users targeted by state-sponsored attackers to specifically responding to mercenary spyware threats.

“It is really important to recognize that mercenary spyware, unlike others, is deliberately designed with advanced features including zero-day exploits, complex obfuscation techniques and self-destruct mechanisms, making them very effective and difficult to detect,” explained Krishna Vishnubhotla, vice president of product strategy at Zimperium.

According to recent data reports, Apple sent threat notifications to iPhone users in 92 countries, coinciding with the overhaul of the support page.

Although Apple began sending threat notifications in November 2021, it has refrained from attributing the attacks or notifications to a particular threat actor or region.

This development now aligns with global efforts to combat the misuse of commercial spyware, as evidenced by a coalition of countries, including the United States, working to develop safeguards against invasive surveillance technologies.

Additionally, a recent report from Google and Mandiant’s Threat Analysis Group (TAG) highlighted the exploitation of zero-day vulnerabilities in 2023, with commercial monitoring service providers responsible for a significant portion of these exploits.

These vulnerabilities targeted web browsers and mobile devices, highlighting threat actors’ increasing reliance on zero days for evasion and persistence.


The Google report also highlighted the continued need to invest in security to mitigate these threats, as threat actors continue to bypass security measures to infiltrate target devices.
