Tech giant Apple has filed a lawsuit against Israeli surveillance-for-hire company NSO Group and its parent company Q Cyber Technologies “to hold it accountable” for illegally targeting Apple users with its powerful Pegasus spyware able to run even on most secure and up-to-date iOS devices.
In a complaint filed in federal court in California, Apple said that the defendants “are amoral 21st century mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and flagrant abuse.” The lawsuit seeks to permanently block NSO Group from breaking into Apple’s products, like iPhone, and to ban the hacker-for-hire company from using Apple software, services, or devices.
“NSO admits that its destructive products have led to violations of “fundamental human rights,” which have been widely recognized and condemned by human rights groups and governments, including the U.S. Government. To ensure that their products can be used by others to maximum effect, NSO reportedly provides ongoing technical support and other services to their clients as they deploy NSO’s spyware against Apple’s products and users, including journalists, human rights activists, dissidents, public officials, and others,” Apple said.
In August, security researchers at Citizen Lab uncovered a previously undisclosed zero-click iMessage exploit used to deploy NSO Group’s Pegasus spyware on devices belonging to several Bahraini activists. More recently, security researchers disclosed that Pegasus spyware was discovered on the cellphones of six Palestinian human rights activists.
The lawsuit also provides additional details on NSO’s "FORCEDENTRY" exploit used in attacks against Bahraini activists. According to Apple, attackers created Apple IDs to send malicious data to a victim’s device — allowing NSO Group or its clients to deliver and install Pegasus spyware without a victim’s knowledge.
The iPhone maker said it will contribute $10 million, as well as any monetary damages won in the lawsuit, to organizations pursuing cybersurveillance research and advocacy.
“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change,” said Craig Federighi, Apple’s senior vice president of Software Engineering. “Apple devices are the most secure consumer hardware on the market — but private companies developing state-sponsored spyware have become even more dangerous. While these cybersecurity threats only impact a very small number of our customers, we take any attack on our users very seriously, and we’re constantly working to strengthen the security and privacy protections in iOS to keep all our users safe.”