Skip to Content
Apple ID sign in on an iPhone and Mac computer
Photo 57777292 © Alexey Boldin |
Security & privacy

Phone hacked? Apple says it will alert you if your iPhone is infected with spyware

Cybercriminals have countless tools to target victims. They develop these methods themselves or, unsurprisingly, lift them from others.

Recently, authorities discovered cybercriminals were using military-grade hacking software designed by Israeli tech firm NSO Group. Research group Citizen Lab then revealed that NSO’s clients were using the software to spy on journalists. Tap or click here for our report with tips on protecting yourself from this dangerous vulnerability.

Apple rolled out security patches to prevent this type of government-sponsored spyware, and now it’s going one step further: Apple says it will notify owners if their iPhones and other devices have been compromised.

Here’s the backstory

The NSO’s homepage says the firm creates technology that helps government agencies “prevent and investigate terrorism and crime to save thousands of lives around the globe.” Well, that sounds noble. There’s more to it.

Apple announced that it’s suing NSO Group and its parent company for spying on Apple users. The complaint says NSO Group infected people’s devices using the firm’s Pegasus spyware.

Apple is seeking an injunction banning NSO Group from using its software, services or devices. The tech giant says there is documented history of such software being used to target journalists, activists, dissidents, academics, and government officials.

Apple also revealed information on NSO Group’s FORCEDENTRY, an exploit used to break into a victim’s Apple device to install the Pegasus program. The exploit was discovered by the research group Citizen Lab. Apple has since released a patch to fix the vulnerability.

Related: GoDaddy data breach: 1.2M user profiles, including passwords, exposed

Apple’s new alerts

Given the level of seriousness of these types of hacks, Apple says it will notify users when their Apple devices have been compromised by state-sponsored malware and spyware.

If Apple detects evidence of a state-sponsored attack, the targeted user will get a Threat Notification on the top of the page when signed into Apple will also send an email and iMessage notification to the account associated with the user’s Apple ID.


Don’t expect this to work perfectly. Apple says users may get a false alarm, or a threat may miss detection.

You should also keep in mind that Apple will never ask you to click any links, open files, install apps or profiles or provide your Apple ID password or verification code by email or on the phone. Sign in to to verify any threat notifications you receive from Apple.

With just about anything security-related, criminals will try to use this new system to their advantage. Be careful and never reply to requests for your personal info, even if they seem to be from Apple.

Protect yourself

A little prevention goes a long way. Take these steps to protect yourself from all types of spyware, malware, ransomware, adware and viruses, state-sponsored or otherwise:

Keep reading

Government-related scams never end – Here are 2 new ones to watch for

Have guests staying with you? How to tell if someone has been snooping on your phone

Komando Community background

Join the Komando Community

Get even more know-how in the Komando Community! Here, you can enjoy The Kim Komando Show on your schedule, read Kim's eBooks for free, ask your tech questions in the Forum — and so much more.

Try it for 30 days