Apple has confirmed that it will send threat alerts to customers who may have been affected by the NSO Group’s controversial Pegasus spyware.
Cupertino announced Tuesday that it is suing the NSO Group for the tools it develops and sells to governments to spy on iPhone owners. Its warnings are another attempt to prevent software like Pegasus from going unnoticed.
Pegasus targets will receive security alerts from Apple
Pegasus has been used by governments to monitor journalists, activists, dissidents, academics, and government officials. Once installed on an iPhone, the software can access the device’s cameras, microphones, and data.
In almost all cases, targets do not know that their device has been infected. But Apple hopes to change that – and in turn make Pegasus much less successful – by sending security alerts to those who may have been targeted.
The warnings will be delivered via text message and email. Apple will also display a banner at the top of its Apple ID page when a targeted user logs into their account in a web browser.
Not all threats can be detected
“Apple threat alerts are designed to inform and assist users who may have been affected by state-sponsored attackers,” Apple explains. “These users are individually targeted because of who they are or what they do.”
“State-sponsored attacks are very complex, cost millions of dollars to develop, and often have a short shelf life. The vast majority of users will never be affected by such attacks. If Apple detects activity in line with a state-sponsored attack, we will notify targeted users.”
However, Apple also warns that due to the sophisticated nature of state-sponsored attacks like Pegasus, it is possible that some will be undetected – or that some warnings will be false.
How to Avoid a Pegasus Attack
To confirm an Apple threat alert, sign in to the Apple ID site and see if the banner is visible at the top of the page. Apple says the messages will never ask users to click on links, open files, install apps, or verify passwords.
It also includes some steps that iPhone users can take to avoid a spyware attack:
- Update devices to the latest software as it includes the latest security fixes
- Protect devices with a password
- Use two-factor authentication and a strong Apple ID password
- Install apps from the App Store
- Use strong and unique passwords online
- Do not click on links or attachments from unknown senders
In addition to threat notifications, Apple has strengthened iPhone security in iOS 15 to make it harder to install spyware.