Pegasus is a spyware that targets iPhone users.

Bleeping Computer is a technology news site that has published the security warning Apple sent to iPhone users across 92 countries. The alert warns them of ongoing spyware attacks by mercenaries.

Apple alerts users that they are the target of a malicious spyware attack that is attempting to compromise your iPhone via the Apple ID associated with the attack. The NSO Group’s Pegasus tool, among others, has been used in such attacks.

Roblox Unblocked: Free Robux Generators are Spreading Malware

Apple says that mercenary malware attacks are different from other cybercrime activities and consumer-grade software because of their sophistication. They often take advantage of previously unknown software vulnerabilities, making them very costly.

Avast, a cybersecurity company, claims “Pegasus” is the world’s most sophisticated spy software, used by journalists and political activists to track them around the globe.

Avast describes Pegasus as an advanced zero-click surveillance tool for iOS and Android, explaining that “it can be installed without the target having to do anything.” Pegasus, originally designed to fight terror and criminality, has developed into an advanced cyber weapon that can collect a wide range of data. This includes monitoring apps, tracking location, retrieving emails and texts, as well as controlling the device’s camera and microphone.

The high-level targeting of mercenary attacks, which is tailored for specific people or very small groups of people makes them stand out.

Apple alert: “This attack likely targets you because of what or who you are.” Apple’s alert says that “although it is impossible to detect such attacks with absolute certainty, Apple believes this warning strongly.” The recipient of the alert was urged to take the message seriously.

Apple also offers users recommendations on how to minimize the damage caused by the attack.

Apple recommends that you enable lockdown mode in iPhone settings to enhance privacy and security. Apple suggests that affected iPhones be updated to iOS 17.4.1 and all Apple devices should also be updated.

Apple recommends that you update all cloud and messaging apps in order to take advantage of the latest security enhancements. They also suggest “changing your passwords on any websites or services sensitive which are accessed via iPhone.” Apple stresses that if an attacker is successful, they can steal credentials from other services.

Apple suggests that you “enlist the help of experts, like the Digital Security Helpline which provides 24/7 emergency assistance and is a nonprofit organization.”

News of the mercenary attacks has ignited discussions among users. Apple may be collecting more data than it claims.

Some in the community believe that iPhone traffic is routed through Apple’s secure proxy. However, others like X-user ErikExplains suggest there are other ways to “preserve privacy” by sending such a message, such as “performing a local state test for certain conditions, and then popping up a notification once those conditions are met.”

Omo, a X-user from the United States, also offered a drastic solution that involved disabling JavaScript. Omo says, “It’ll stop the majority of these complicated chains in their tracks” (Apple is making it easy by using Safari/WebKit system-wide on all browsers, including third-party ones). This will make many websites not load, leaving only phone calls, SMS, and other phone functions.

Omo says that disabling JavaScript can help to avoid exploit chains such as “Operation Triangulation,” and bypass Lockdown Mode.

Trojan Spyware and RiskTools: Mobile threats to crypto users

Runa Sandvik is the founder of Granitt. This company focuses on digital security for at-risk people, such as journalists or activists. She provided additional information about the lockdown mode in November 2023.

Sandvik acknowledges that “Lockdown mode is not extreme even though Apple claims so.” This feature offers protection from “extreme threats, like targeting an iPhone using sophisticated spyware.” Sandvik stresses that the mode is active as long as you have it on. However, it allows users to choose which apps or sites they want to block.

Sandvik says that “Lockdown Mode is available on managed devices, but the user must install a profile first before turning on the lockdown mode.”

Apple has warned users before about threats, such as the Pegasus Malware. Apple used to refer to spying parties, including Pegasus malware, as “state sponsored actors.” However due to an increasing number of criminal private groups it has now renamed them as cybercriminals.