On Wednesday, Apple notified iPhone users in 98 countries that they had been targeted by mercenary spyware attacks. The alerts were sent via email and iMessage to users whose Apple IDs were associated with the compromised devices. The spyware, developed by private companies and sold to state actors, is highly sophisticated and well-funded. Apple's notifications advise users to take immediate protective measures, such as enabling Lockdown Mode, updating all devices to the latest software versions, and following best security practices like using strong passwords and enabling two-factor authentication.

Apple has been sending these types of alerts since 2021, and this is part of its ongoing efforts to combat digital threats targeting journalists, activists, and diplomats. Despite these attacks' high cost and complexity, Apple assures users it is committed to detecting and mitigating such threats​ (BleepingComputer)​.

FACT: These Spyware Infections Are Detectable

This is the second time in three months that Apple has notified people of commercial spyware attacks. Apple's commitment to mitigating these threats is not enough. Spyware attacks can be detected in real time, and users do not have to settle for post-infection notifications.   While Apple did not specify Pegasus spyware in this announcement, it is likely that Pegasus or similar malware was involved. Once installed, Pegasus can access messages, emails, call logs, photos, and even activate the microphone and camera. The spyware exploits vulnerabilities in mobile operating systems, often through zero-day attacks. iVerify's research team found 2.5 infected devices per thousand users scanned, indicating over 2.5 million devices could be infected globally. This is much higher than the Pegasus Project report of 50K three years ago, showing the threat has expanded from journalists and activists to business executives and corporate employees.

iVerify offers advanced mobile EDR solutions that combine threat detection and mobile forensics with automated response and remediation for enterprise-level protection against sophisticated threats, including mobile malware, unpatched vulnerabilities, smishing, and credential theft, ensuring maximum privacy and security.

"Any targeted person should use Lockdown Mode, keep their phone up to date, and gather forensic information frequently to help analysts examine the attacks so we can stop them," said Matthias Frielingsdor, VP of Research at iVerify. “If you were notified, please reach out. I am happy to help you figure out what happened on your phone. The more we learn about these attacks, the better we can help anyone defend against them.”

iVerify is fundamentally different from legacy mobile security products that are limited to signature-based threat detection and offer virtually no response capability. iVerify uses heuristic-based threat hunting to identify threats and infected devices, including the industry's most sophisticated Pegasus detection capability.  This makes iVerify the only solution to offer a complete mobile EDR solution that detects threats and quickly responds to eliminate the impact of compromised BYOD and corporate-owned mobile devices across the enterprise, greatly reducing the likelihood of a corporate breach. This is why leading banks and government institutions use iVerify to protect their organizations. 

iVerify offers special protection at  https://iverify.org/ for journalists and civil society. We also offer enterprise-level solutions, iVerify EDR and iVerify Elite. Take control of your mobile security. Request a demo to experience our advanced features firsthand at iVerify.io. 

Secure your devices now.