Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Iphone Security Apple

Apple Alerts Users in 92 Nations To Mercenary Spyware Attacks (techcrunch.com) 16

Posted by msmash from the PSA dept.
Apple sent threat notifications to iPhone users in 92 countries on Wednesday, warning them that may have been targeted by mercenary spyware attacks. From a report: The company said it sent the alerts to individuals in 92 nations at 12pm Pacific Time Wednesday. The notification, which TechCrunch has seen, did not disclose the attackers' identities or the countries where users received notifications.

"Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID -xxx-," it wrote in the warning to affected customers. "This attack is likely targeting you specifically because of who you are or what you do. Although it's never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning -- please take it seriously," Apple added in the text.
This discussion has been archived. No new comments can be posted.

Apple Alerts Users in 92 Nations To Mercenary Spyware Attacks More

Apple Alerts Users in 92 Nations To Mercenary Spyware Attacks

Comments Filter:

  • Deja vu? (Score:2, Offtopic)

    by SpzToid ( 869795 )
    Jamal Khashoggi’s private WhatsApp messages may offer new clues to killing. [cnn.com]

  • Honeypot (Score:3)

    by spaceman375 ( 780812 ) on Thursday April 11, 2024 @09:11AM (#64386334)
    Stick your phone in a foil bag, get your data off it with USB, then sell it to a security research firm. They'd love to have a good honeypot for this.

    • You think security research firms don't have their own honey pot devices, some real and some virtual?

      • This is a targeted attack. Its pretty hard to troll a "mercenary group" hard enough to get them to target a fake persona with this level of spyware. This phone is an already known target, they can watch it happening.
    • The serious security threats on iOS are all attacks that use iMessage to run code remotely, which means the attacks can be observed without a physical device. Just remember this the next time Apple tells you they need the App Store for "security", because of course the real attacks don't require apps or user interaction at all. Just specially crafted messages to an app you can't uninstall.

  • Next up in the news Hackers issue false notifications to all iphone users...
    On the one side we are told to treat all incoming messages as suspicious, and then on the other hand we are notifying of imminent threats with message notifications... what could possible go wrong?

    • Re:How do you know that the notification is genuin (Score:4, Insightful)

      by Nrrqshrr ( 1879148 ) on Thursday April 11, 2024 @09:53AM (#64386444)

      What went wrong, from the very beginning, was that we gave our lives away to private interests. "Who cares if they reading my browsing history" flew out the window now that you basically cannot function in modern society without a mobile phone. Banks are switching to mandatory 2FA and touting it as if it's the greatest step we have taken yet towards a private and secure future, but what that means it that anyone who gets access to your phone gets access to your entire life.
      Modern "connected" society is looking more and more like that quote from WOPR... "The winning move is not to play".

    • If the notification was fake, then it becomes real.

    • Re: (Score:3)

      by unrtst ( 777550 )

      Came here thinking the same! This sounds so much like the examples of phishing messages we are warned to ignore that any encouragement to "take this seriously", if anyone listens to that, is going to result in more people caught in phishing attempts. IMHO, the notification should instruct people to find and navigate to a proper site/utility/whathaveyou to check for such issues/notifications; Something like, go into your settings, security notifications panel, and review any warnings there, and also warn the

    • In this case, the “The company said it sent the alerts...at 12pm Pacific Time Wednesday” would be a pretty good indication that if you received a notice from “Apple” at that exact moment that it’s probably legitimate. I agree that your advice/question is valid in general, but these users have confirmation.

      Also, there was no call to action, other than to be aware and be careful, so there’s no risk of phishing, which is a hallmark of legitimate messages.

  • Dear , Your account may have been hacked. This is really serious and demands instant attention from you. Please contact our support center to talk with an manager about restoring access to all you thing. Your credit card has been charged for $1984 for the inconvenience. Sincerly, Iphone co. (Actual email that was sent out....)
    • Thank you for warning me, lest I follow the instructions that I just received (actual email) to change my "passwoard".
  • so we're not liable for any damages. Blame the victim.

Slashdot Top Deals

If you do something right once, someone will ask you to do it again.

Close