Apple Warns Users Targeted by Mercenary Spyware

Apple this week updated its spyware threat notification system to alert and assist users it identifies as targeted by mercenary spyware attacks.
To date, Apple has spotted and alerted users in more than 150 countries that they were targeted in these attacks.
Such spyware attacks target individuals largely because of who they are and what they do, Apple said.
While most people will never be targeted by these types of attacks, a small number of people - journalists, activists, politicians, and the like - will potentially be victimized.
Apple said once it detects spyware it notifies the user within two days.
The vendor does provide threat actor attribution, however.
In its notice, Apple pointed fingers at the NSO Group, one of the private companies that develops the mercenary spyware Pegasus that is used in such attacks.
Should an individual receive a threat notification, Apple recommends that they seek the help of either Apple or a third party.
Apple's notifications never ask the user to click on any link or install an application; the threat notification can be verified simply by signing into applied.
Apple.com, where the notification will be at the top of the page.

This Cyber News was published on www.darkreading.com. Publication date: Thu, 11 Apr 2024 18:25:19 +0000

Cyber News related to Apple Warns Users Targeted by Mercenary Spyware

Citizen Lab details ongoing battle against spyware vendors - Citizen Lab senior researcher Bill Marczak said that while the organization has achieved some important wins against spyware proliferation, the progress is inevitably hindered by vendors that continually adapt their technologies and practices. The ...
1 year ago Techtarget.com

Spyware isn't going anywhere, and neither are its tactics - The illegal use of spyware to target high-profile or at-risk individuals is a global problem, as highlighted by this article from The Register that Talos' Nick Biasini just contributed to. As we've written about, many Private Sector Offensive Actors ...
1 year ago Blog.talosintelligence.com CVE-2024-23222

Apple Warns Users Targeted by Mercenary Spyware - Apple this week updated its spyware threat notification system to alert and assist users it identifies as targeted by mercenary spyware attacks. To date, Apple has spotted and alerted users in more than 150 countries that they were targeted in these ...
1 year ago Darkreading.com

Intellexa and Cytrox: From fixer-upper to Intel Agency-grade spyware - Cisco Talos has a new, in-depth analysis of timelines, operating paradigms and procedures adopted by spyware vendor Intellexa. Talos' analysis revealed that rebooting an iOS or Android device may not always remove the Predator spyware produced by ...
1 year ago Blog.talosintelligence.com

US Uses Visa Restrictions in Struggle Against Spyware - The United States will impose visa restrictions on foreign individuals who have been involving the misuse of spyware, the latest effort by the Biden Administration to address the dangers of the commercial software that often is used by governments ...
1 year ago Securityboulevard.com

Intellexa Spyware Adds Persistence with iOS or Android Device - In the shadowy realm of commercial spyware, the spotlight turns to the notorious Intellexa spyware and its Predator/Alien solution, as dissected by Cisco Talos in their comprehensive May 2023 report. This expose navigates the labyrinthine intricacies ...
1 year ago Gbhackers.com

ICE Signs $2 Million Contract With Spyware Maker Paragon Solutions | WIRED - Measures have included placing spyware vendors like NSO Group and Intellexa on the so-called Entity List to prevent any US companies from doing business with them; enacting a visa restriction policy against multiple individuals “who have been ...
8 months ago Wired.com

What is Spyware? How It Works and How to Protect Yourself Against It - Spyware is a type of malicious software that is designed to collect sensitive data from victims without their knowledge or consent. It is typically installed on computers without the user’s knowledge or consent, and collects sensitive information ...
2 years ago Heimdalsecurity.com

Is Your Organization Infected by Mobile Spyware? - The surge in mobile device usage within organizations has inevitably opened the floodgates to a new kind of cyber threat-mobile spyware. The growing dependence on mobile technology has made it imperative for organizations to recognize and mitigate ...
1 year ago Blog.checkpoint.com

Apple warns people of mercenary attacks via threat notification system - Apple has reportedly sent alerts to individuals in 92 nations on Wednesday, April 10, to say it's detected that they may have been a victim of a mercenary attack. The company says it has sent out these types of threat notifications to over 150 ...
1 year ago Malwarebytes.com

Kaspersky Details Method for Detecting Spyware in iOS - Researchers with cybersecurity firm Kaspersky are detailing a lightweight method for detecting the presence of spyware, including The NSO Group's notorious Pegasus software, in Apple iOS devices. The new method, which calls for looking for traces of ...
1 year ago Securityboulevard.com

U.S. rolls out visa restriction policy on people who misuse spyware to target journalists, activists - WASHINGTON - The Biden administration announced Monday it is rolling out a new policy that will allow it to impose visa restrictions on foreign individuals involved in the misuse of commercial spyware. The administration's policy will apply to people ...
1 year ago Pbs.org

US announces visa ban on those linked to commercial spyware - Secretary of State Antony J. Blinken announced today a new visa restriction policy that will enable the Department of State to ban those linked to commercial spyware from entering the United States. As part of this effort, the Biden Administration ...
1 year ago Bleepingcomputer.com

US to Roll Out Visa Restrictions on People Who Misuse Spyware to Target Journalists, Activists - The Biden administration announced Monday it is rolling out a new policy that will allow it to impose visa restrictions on foreign individuals involved in the misuse of commercial spyware. The administration's policy will apply to people who've been ...
1 year ago Securityweek.com

Paragon Spyware Exploited WhatsApp Zero-day Vulnerability to Attack High-value Targets - Researchers have uncovered extensive evidence linking Israeli firm Paragon Solutions to a sophisticated spyware operation that exploited a zero-day vulnerability in WhatsApp to target journalists and civil society members. The investigation confirmed ...
3 months ago Cybersecuritynews.com

Google says spyware vendors behind most zero-days it discovers - Commercial spyware vendors were behind 80% of the zero-day vulnerabilities Google's Threat Analysis Group discovered in 2023 and used to spy on devices worldwide. Zero-day vulnerabilities are security flaws the vendors of impacted software do not ...
1 year ago Bleepingcomputer.com

Apple Alerts iPhone Users of 'Mercenary Attack' Threat - Apple issued security alerts to individuals in 92 nations on Wednesday, cautioning them that their iPhones had been targeted in a remote spyware attack linked to mercenaries. Apple emphasized that this targeting is ongoing and widespread. The ...
1 year ago Cysecurity.news

SentinelLabs uncovers new CapraRAT spyware targeting Android users - A new report released today by SentinelLabs, the research arm of listed cybersecurity company SentinelOne Inc., warns of a resurgence of CapraRAT spyware targeting mobile gamers and weapons enthusiasts through malicious Android applications. CapraRAT ...
11 months ago Siliconangle.com APT3 Transparent Tribe

NSO Group fined $167M for spyware attacks on 1,400 WhatsApp users - Meta filed the lawsuit against NSO Group on October 29, 2019, in the U.S. District Court for the Northern District of California, alleging that NSO had exploited a vulnerability in WhatsApp's calling feature to deliver its Pegasus spyware to ...
1 month ago Bleepingcomputer.com CVE-2019-3568

Meta Disrupts 8 Spyware Firms, 3 Fake News Networks - Meta has identified and interrupted six spyware networks linked to eight companies in Italy, Spain, and the United Arab Emirates, as well as three fake news operations from China, Myanmar, and Ukraine. It outlines how fake news operations - ...
1 year ago Darkreading.com

Trail of Bits Spinout iVerify Tackles Mercenary Spyware Threat - iVerify, a seed-stage startup spun out of security research outfit Trail of Bits, on Wednesday rolled out a mobile threat hunting platform to help businesses neutralize the threat from iOS and Android zero-days. The company, which raised a $4 million ...
1 year ago Securityweek.com Cuba

Pegasus Spyware Targets Jordanian Civil Society in Wide-Ranging Attacks - Journalists, lawyers, and human-rights activists in the Middle Eastern nation of Jordan face increased surveillance from the controversial Pegasus spyware app, with nearly three dozen civilians targeted over the past four years. According to an ...
1 year ago Darkreading.com

Two Serbian journalists reportedly targeted with Pegasus spyware | The Record from Recorded Future News - In November 2023, Amnesty International and other digital freedom groups diagnosed a zero-click spyware attack on two Serbian civil society members on the eve of national elections. The text message sent to one of the journalists targeted last month ...
2 months ago Therecord.media

US judge rejects NSO's attempt to dismiss Apple lawsuit The Register - A US court has rejected spyware vendor NSO Group's motion to dismiss a lawsuit filed by Apple that alleges the developer violated computer fraud and other laws by infecting customers' iDevices with its surveillance software. Apple sued NSO, developer ...
1 year ago Theregister.com

WhatsApp flaw can let attackers run malicious code on Windows PCs - On January 31, after mitigating the security issue server-side, WhatsApp alerted roughly 90 Android users from over two dozen countries, including Italian journalists and activists who were targeted in Paragon spyware attacks using the zero-click ...
2 months ago Bleepingcomputer.com CVE-2025-30401