Apple has recently issued a series of threat notifications to select users in India and 91 other countries, cautioning them about potential attacks on their iPhones by “mercenary spyware,” including the contentious Pegasus malware developed by the Israeli NSO Group.
The tech giant has refrained from attributing these recent attacks to any specific entity. Last October, Apple sent similar notifications to various Opposition leaders in India, spanning across different political parties—from Congress’s Shashi Tharoor to AAP’s Raghav Chadha to TMC’s Mahua Moitra—alerting them of a “potential state-sponsored spyware attack” aimed at their iPhones.
Subsequently, following pressure from the government, Apple clarified that it “does not attribute the threat notifications to any specific state-sponsored attacker.” The latest threat notification emails were dispatched around 12:30 am IST on Thursday (April 11) to affected users in India. However, the exact number of recipients who received these warnings from Apple remains undisclosed.
The email notification highlights the NSO Group’s Pegasus spyware, underscoring the persistent use of such tools globally to target individuals. “ALERT: Apple detected a targeted mercenary spyware attack against your iPhone,” reads the subject line of the threat notification, a copy of which was reviewed by The Indian Express.
The notification email further outlines, “Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID -xxx-. This attack is likely targeting you specifically because of who you are or what you do. Although it’s never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning — please take it seriously.”
Apple emphasizes the rarity and sophistication of such “mercenary spyware attacks,” such as those utilizing Pegasus from the NSO Group, which are notably distinct from conventional cybercriminal activities or consumer-oriented malware. These attacks, costing millions of dollars each, are meticulously orchestrated against a small subset of individuals, yet their targeting remains ongoing and global, as detailed in Apple’s threat notification.
The company advised users to exercise caution when dealing with links they receive, emphasizing the importance of not opening any links or attachments from unexpected or unknown senders.
However, Apple clarified that it could not provide more detailed information about the specific triggers prompting these threat notifications. This decision was made to prevent mercenary spyware attackers from adjusting their tactics to evade detection in the future.
Additionally, Apple has updated its support page to offer guidance to users who might have been targeted by mercenary spyware attacks. The company stated, “Apple threat notifications are designed to inform and assist users who may have been individually targeted by mercenary spyware attacks, likely because of who they are or what they do.”
The initiative to issue these threat notifications began in 2021, with individuals from 150 countries having received them since then. Last year alone, at least 20 iPhone users in India reported receiving such notifications.
Previous investigations into similar matters have not yielded substantial findings. In 2021, the Supreme Court established a committee of technical experts to investigate allegations of unauthorized surveillance using the Pegasus software developed by the Israeli firm NSO Group.
The Pegasus controversy arose from media reports alleging the illicit use of the software to monitor the phones of activists, journalists, and politicians. Consequently, several petitions were submitted to the Supreme Court requesting an investigation into these allegations.
In August 2022, the committee of technical experts concluded that there was no definitive evidence of spyware use on the phones they examined. However, the committee noted that the Central Government had not fully cooperated with their investigation efforts.
