Around this time just one week ago, iPhone users in 92 countries received a bizarre notification on their device.

“Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID,” read the notification. “This attack is likely targeting you specifically because of who you are or what you do. Although it’s never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning — please take it seriously.”

Apple posted an announcement on its website giving basic details on why the company would generally send out a notification warning like this. However, the company has been relatively mum on the situation since. And it never quite disclosed the exact threat that spurred Apple to send out that notification to those users at that specific time.

Now, a new report appears to have solved the mystery.

China-linked LightSpy spyware

The Apple news outlet AppleInsider noticed a report by BlackBerry — yes, the mobile phone company that was popular in the 2000s and has since pivoted into a cybersecurity firm — that appears to have gotten to the bottom of the spyware notification situation.

According to BlackBerry, the spyware that iPhone users were warned about is called LightSpy, which is described in the report as a “sophisticated iOS implant.”

The report points out that this is a concerning development because LightSpy was last seen used in a campaign during the 2020 political protests in Hong Kong. So, this latest attack appears to be a reemergence of LightSpy.

LightSpy is “a fully-featured modular surveillance toolset,” according to BlackBerry. The spyware can pull targets’ private information, which includes pinpoint-accurate location data as well as data from messaging applications, text messages, phone call history, and web browser history. It can even create sound recordings from the device, including recording during VoIP calls.

LightSpy has, for the most part, been used by attackers to target individuals in Southeast Asia, including India, which explains why those notifications were mostly received by iPhone users located in that general region. The messaging apps mentioned in BlackBerry’s report are among the most popular in that part of the world: QQ, WeChat, and Telegram. In addition, LightSpy can pull targets’ payment history from the WeChat Pay service.

BlackBerry believes this attack was once again perpetrated by China-based or native Chinese-speaking actors, as with previous LightSpy campaigns, and there’s a potential for state-sponsored involvement as well.

The report recommends that users who have reason to be targeted, whether due to their employment or activism, utilize Apple’s Lockdown Mode, which the iPhone-maker describes as a feature used to “protect devices against extremely rare and highly sophisticated cyber attacks.”
