Apple has security measures in place to protect its customers from hackers. These include regular software updates and threat notifications. An Instagram post says, “Apple sent threat notifications to iPhone users in 92 countries on Wednesday, warning them that they may be getting targeted by a ‘mercenary spyware attack.’”
Mercenary spyware attacks are when cybercriminals gain remote access to a user’s device, allowing them to access any private data. In some cases, hackers can take over the device without any action from the victim, like clicking a malicious link.
Multiple VERIFY readers, including Samantha and Elizabeth, reached out to ask if the warning is legit. Other people in the comments ask what should be done if they receive one of the notifications.
THE QUESTION
Is the iPhone mercenary spyware attack notification real?
THE SOURCES
Scott Radcliffe, Apple spokesperson
THE ANSWER
Yes, the iPhone mercenary spyware attack notification is real.
WHAT WE FOUND
Apple sent out threat notifications to high-profile users who were targeted by a mercenary spyware attack on April 10, but the company said the threat to the general public is low.
Scott Radcliffe, an Apple spokesperson, sent a copy of the alert to VERIFY; it told recipients there was “a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID.”
Apple says mercenary spyware attacks are very rare, adding the “vast majority of users will never be targeted by such attacks.” The alert tells recipients they were likely targeting because of who they are or what they do. Typically, targeted individuals include politicians, activists and journalists.
The attacks are “more complex than regular cybercriminal activity and consumer malware, as mercenary spyware attackers apply exceptional resources to target a very small number of specific individuals and their devices,” Apple says.
The April 10 notification was sent to users in 92 countries, the message says. Apple has sent similar alerts “multiple times a year” since 2021.
If you receive a mercenary spyware attack notice, Apple recommends that you enable lockdown mode, change your passwords, upgrade all devices and “enlist expert help, such as the nonprofit, rapid-response emergency security assistance provided by the Digital Security Helpline.”
Some mercenary spyware attackers use malicious links to access devices, so Apple also recommends avoiding clicking on any links or attachments from unknown senders.