Apple sues NSO Group for attacking iPhones with Pegasus spyware

Now Apple has followed WhatsApp and its parent company Meta (formerly known as Facebook) in suing Pegasus spyware maker NSO Group. Along with promising new information about how NSO Group infected targeted iPhones via its FORCEDENTRY exploit, the company says it’s “seeking a permanent injunction to ban NSO Group from using any Apple software, services, or devices.”

Senior VP of software engineering Craig Federighi says in a statement, “State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change…Apple devices are the most secure consumer hardware on the market — but private companies developing state-sponsored spyware have become even more dangerous.” Apple and WhatsApp aren’t alone in their push against NSO Group in court: last year, tech companies including Microsoft and Google filed a brief supporting Facebook’s lawsuit.

Pegasus spyware is designed to let governments remotely access a phone’s microphones, cameras and other data on both iPhones and Androids, according to Apple’s press release. It’s also designed to be able to infect phones without requiring any action from the user, and without leaving a trace, according to reports that came out earlier this year from a journalistic coalition called the Pegasus Project.

Apple’s senior director of commercial litigation Heather Grenier says in a statement to The New York Times that the lawsuit is meant to be a “stake in the ground, to send a clear signal” that the company won’t allow its users to suffer “this type of abuse.” Part of Apple’s argument laid out in the complaint (PDF) is that NSO violated Apple’s terms of service because the group created Apple IDs to help it send data to targets.

The Court has personal jurisdiction over Defendants because, on information and belief, they created more than one hundred Apple IDs to carry out their attacks and also agreed to Apple’s iCloud Terms and Conditions (“iCloud Terms”), including a mandatory and enforceable forum selection and exclusive jurisdiction clause that constitutes express consent to the jurisdiction of this Court

Apple says in its press release that, thanks to improvements it’s made to iOS 15 security, it “has not observed any evidence of successful remote attacks against devices running iOS 15 and later versions.” When the Pegasus Project was publishing its reports in July, Amnesty International said that the latest versions of iOS (at the time iOS 14.6) were susceptible to attack.

For more information about the reporting done on Pegasus, its capabilities, and its potential targets, see our explainer.

In addition to its lawsuit against NSO, Apple says it’ll be supporting “organizations pursuing cybersurveillance research and advocacy,” both financially and with technical resources. The company says it’ll distribute $10 million (plus any damages it wins from its lawsuit) to groups working on counter-surveillance, and pledges in its press release to give free “technical, threat intelligence, and engineering assistance” to Citizen Lab, a group of researchers that were involved with the Pegasus Project. Apple also says it’ll do the same for other organizations “where appropriate.”

NSO was recently added to the US Entity List, which limits the ways American companies can sell or provide their technology to the company.

