An anonymous reader quotes a report from Wired:
In April, Apple sent notifications to iPhone users in 92 countries, warning them they'd been targeted with spyware. "Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID," the notification reads. Users quickly took to social media sites including X, trying to work out what the notification meant. Many of those targeted were based inIndia, but others in Europe also reported receiving Apple's warning. Weeks later, little is still known about the latest iPhone attacks. Former smartphone giant Blackberry, now a security firm, has released research indicating they are linked to a Chinese spyware campaign dubbed "LightSpy," but Apple spokesperson Shane Bauer says this is inaccurate.
While Apple says the latest spyware notifications aren't linked to LightSpy, the spyware remains a growing threat, particularly to people who may be targeted in Southern Asia, according to Blackberry's researchers. Described as a "sophisticated iOS implant," LightSpy first emerged targeting Hong Kong protesters in 2020. However, the latest iteration is much more capable than the first. "It is a fully-featured modular surveillance toolset that primarily focuses on exfiltrating victims' private information, including hyper-specific location data and sound recording during voice over IP calls," the researchers wrote. April's warnings were not the first time Apple has issued notifications of this kind. The iPhone maker has sent out alerts to people in over 150 countries since 2021 as spyware continues to target high-profile figures across the globe.
Spyware can be weaponized by nation-state adversaries -- but this is relatively rare and expensive. Its deployment is typically highly targeted against a very specific group of people, including journalists, political dissidents, government workers, and businesses in certain sectors. "Such attacks are vastly more complex than regular cybercriminal activity and consumer malware, as mercenary spyware attackers apply exceptional resources to target a very small number of specific individuals and their devices," Apple wrote in an advisory in April. "Mercenary spyware attacks cost millions of dollars and often have a short shelf life, making them much harder to detect and prevent. The vast majority of users will never be targeted by such attacks." Plus, Apple says its Lockdown Mode feature can successfully protect against attacks. "As we have said before, we are not aware of anyone using Lockdown Mode being successfully attacked with mercenary spyware," Bauer says. Still, for those who are targeted and caught unaware, spyware is extremely dangerous. There are a number of ways to protect yourself against spyware and zero-click exploits in particular:
1. Regularly Update Devices: Keep your devices updated to the latest software to protect against known vulnerabilities.
2. Restart Devices Daily: Regularly restarting your device can help disrupt persistent spyware infections by forcing attackers to reinfect the device, potentially increasing their chances of detection.
3. Disable Vulnerable Features: Consider disabling features prone to exploits, such as iMessage and FaceTime, especially if you suspect you're a target for spyware.
4. Use Multifactor Authentication and Secure Sources: Employ multifactor authentication and only install apps from verified sources to prevent unauthorized access and downloads.
5. Monitor for Indicators: Be vigilant for signs of infection such as battery drain, unexpected shutdowns, and high data usage, though these may not always be present with more sophisticated spyware.
6. Seek Professional Help: If you suspect a spyware infection, consider professional assistance or helplines like Access Now's Digital Security Helpline for guidance on removal.
7. Utilize Advanced Security Features: Activate security features like Apple's Lockdown Mode, which limits device functionality to reduce vulnerabilities, thus safeguarding against infections.
