24 November 2021

Apple sues NSO Group over Pegasus spyware


Apple sues NSO Group over Pegasus spyware

Tech giant Apple has filed a lawsuit against Israeli surveillance-for-hire company NSO Group and its parent company Q Cyber Technologies “to hold it accountable” for illegally targeting Apple users with its powerful Pegasus spyware able to run even on most secure and up-to-date iOS devices.

In a complaint filed in federal court in California, Apple said that the defendants “are amoral 21st century mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and flagrant abuse.” The lawsuit seeks to permanently block NSO Group from breaking into Apple’s products, like iPhone, and to ban the hacker-for-hire company from using Apple software, services, or devices.

“NSO admits that its destructive products have led to violations of “fundamental human rights,” which have been widely recognized and condemned by human rights groups and governments, including the U.S. Government. To ensure that their products can be used by others to maximum effect, NSO reportedly provides ongoing technical support and other services to their clients as they deploy NSO’s spyware against Apple’s products and users, including journalists, human rights activists, dissidents, public officials, and others,” Apple said.

In August, security researchers at Citizen Lab uncovered a previously undisclosed zero-click iMessage exploit used to deploy NSO Group’s Pegasus spyware on devices belonging to several Bahraini activists. More recently, security researchers disclosed that Pegasus spyware was discovered on the cellphones of six Palestinian human rights activists.

The lawsuit also provides additional details on NSO’s "FORCEDENTRY" exploit used in attacks against Bahraini activists. According to Apple, attackers created Apple IDs to send malicious data to a victim’s device — allowing NSO Group or its clients to deliver and install Pegasus spyware without a victim’s knowledge.

The iPhone maker said it will contribute $10 million, as well as any monetary damages won in the lawsuit, to organizations pursuing cybersurveillance research and advocacy.

“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change,” said Craig Federighi, Apple’s senior vice president of Software Engineering. “Apple devices are the most secure consumer hardware on the market — but private companies developing state-sponsored spyware have become even more dangerous. While these cybersecurity threats only impact a very small number of our customers, we take any attack on our users very seriously, and we’re constantly working to strengthen the security and privacy protections in iOS to keep all our users safe.”


Back to the list

Latest Posts

Amid Pegasus scandal, Israel bans cyber software sales to 65 countries

Amid Pegasus scandal, Israel bans cyber software sales to 65 countries

Dropped countries include such countries as Morocco, Mexico, Saudi Arabia, or the UAE.
26 November 2021
CronRAT: New Linux malware that hides behind February 31 to stay undetected

CronRAT: New Linux malware that hides behind February 31 to stay undetected

The malware hides in the Linux calendar system and enables server-side Magecart data theft which bypasses browser-based security solutions.
26 November 2021
New malware campaign targets crypto, NFT and DeFi communities via Discord

New malware campaign targets crypto, NFT and DeFi communities via Discord

The Babadeda crypter is able to bypass signature-based antivirus solutions and was previously observed in malicious campaigns distributing RATs, and LockBit ransomware.
26 November 2021