Apple sues NSO Group for Pegasus spyware

This week it became known that Apple has filed a lawsuit against the Israeli company NSO Group, which is behind the development of the Pegasus spyware platform, capable of compromising even the most secure and modern iPhones.

Apple officials say the tool has been used repeatedly to hack devices and spy on opponents of oppressive regimes.

Researchers and journalists have publicly documented the history of the use of this spyware to target journalists, activists, dissidents, academics and government officials.<span class="su-quote-cite"><a href="" target="_blank">the company said in a press release.</a></span>

According to court documents, Apple is currently seeking an injunction against the NSO Group, and is asking the court to ban the company from using its devices and software.

From a legal point of view, such a ban could help prevent the deployment of Pegasus on new Apple devices, as well as prevent NSO Group employees from updating the spyware for new versions of iOS.

It should be noted that Apple is already the second large company to file a lawsuit against the NSO Group. In October 2019, Facebook also went to court for creation and use of a 0-day exploit for WhatsApp.

The vulnerability in WhatsApp, according to Facebook, was sold to the NSO Group, and then the company helped its clients to exploit the problem to attack human rights defenders, journalists, political dissidents, diplomats and government officials. In only 11 days, the attacks affected more than 1,400 people in Bahrain, the United Arab Emirates and Mexico, according to court documents.

Moreover, Facebook then banned NSO Group employees from its platforms, as the legal action suggested permanent injunction prohibiting all NSO Group employees from accessing or attempting to access the services, platform and computer systems of WhatsApp and Facebook.

Apple’s lawsuit also said the NSO Group sold the 0-day vulnerability to dubious clients, who then used the bug to hack the devices of innocent people, including lawyers, journalists, human rights activists, political dissidents, diplomats and government officials.

Specifically, Apple mentions the ForcedEntry issue that experts discovered this year. A report from Citizen Lab, which found and investigated the exploit, said the zero-day problem appeared to have been sold to the Bahraini government and then used to hack into the devices of dissidents, bloggers and opposition figures.

The Defendants are renowned hackers, the amoral mercenaries of the 21st century, who have created sophisticated cyber surveillance mechanisms that allow both routine and extraordinary abuses. They design, develop, sell, deliver, deploy, operate, and maintain aggressive, destructive and malicious spyware products and services that have been used to attack and harm Apple users, Apple products and Apple. For their own commercial gain, they allow their customers to abuse these products and services by attacking individuals, including government officials, journalists, businessmen, activists, academics and even US citizens. <span class="su-quote-cite">says Apple.</span>
Hired spy companies such as the NSO Group have contributed to the most serious human rights violations and repression around the world, while enriching themselves and their investors. I applaud Apple for holding them accountable for these abuses, and I hope that by doing so, Apple will help bring justice to everyone who has fallen victim to the NSO Group’s reckless behavior.<span class="su-quote-cite"><b>Ron Deibert</b>, head of Citizen Lab commented.</span>
Ron Deibert
Ron Deibert

It should also be noted that Apple has said it will donate $ 10 million, and will also reimburse any legal costs to organizations conducting research on cyber-tracking tools.

Since Citizen Lab investigated most of the Pegasus spy campaigns, Apple said it will also provide free support to the research lab that operates at the University of Toronto’s Munch School of Global Relations and Public Policy.

Interestingly, earlier this year, the US government imposed sanctions on an Israeli company, effectively preventing the NSO Group from doing business with American companies. According to a report released hours before Apple’s lawsuit, the sanctions have brought the company in big trouble and it is now on the verge of shutting down.

For me, Apple’s statement is opportunism. It more resembles a campaign to support the good side of the research community ($ 10 million in donations, plus any legal fees). Meta and Whatsapp have done all the hard work in their lawsuit against NSO, the US government blacklisted NSO earlier this month, and now Apple may not be putting in a lot of effort. Overall, I think this is more about Apple’s efforts to smooth out and redirect conversations about security and privacy flaws [in its products] in a different direction.<span class="su-quote-cite"><a href="" target="_blank"><b>Stefan Soesanto</b>, senior researcher at the Center for Security at the Swiss Higher Technical School, told <b>The Record</b>, school in Zurich (ETH).</a></span>
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button