Apple sues spyware firm that infected and tracked iPhone users

Eric Abent - Nov 23, 2021, 2:18pm CST
Apple sues spyware firm that infected and tracked iPhone users

After WhatsApp and Meta sued the Israeli-based NSO Group over its Pegasus spyware, Apple is now following suit. Today, the company announced a lawsuit against the NSO Group in an effort to “curb the abuse of state-sponsored spyware.” Apple is seeking damages in the case (which weren’t revealed in today’s announcement) and is looking to bar the NSO Group from using any “Apple software, services, or devices” in the future.

Apple sets its sights on state-sponsored spyware

As Apple explains in the announcement of this lawsuit today, the NSO Group is responsible for a zero-click exploit called FORCEDENTRY, which installs the Pegasus spyware on personal devices by taking advantage of an integer overflow vulnerability. Apple points to a Citizen Lab report from back in September as evidence that the NSO Group is using Pegasus to spy on “journalists, activists, dissidents, academics, and government officials,” violating human rights in the process.

While Apple has patched the vulnerability and says that Pegasus was ultimately used to attack only a “small number” of users, the notion that the NSO Group has been abusing the software to spy on political opponents, journalists, and academics on behalf of Israel is indeed very worrying.

“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change,” Apple SVP of software engineering Craig Federighi said in today’s announcement. “Apple devices are the most secure consumer hardware on the market — but private companies developing state-sponsored spyware have become even more dangerous. While these cybersecurity threats only impact a very small number of our customers, we take any attack on our users very seriously, and we’re constantly working to strengthen the security and privacy protections in iOS to keep all our users safe.”

Apple isn’t alone in push against NSO Group

Apple seems to view this lawsuit as drawing a line in the sand. “This is Apple saying: If you do this, if you weaponize our software against innocent users, researchers, dissidents, activists or journalists, Apple will give you no quarter,” Apple’s head of security engineering and architecture said to The New York Times in an interview this week.

Apple, WhatsApp, and Meta aren’t going after the NSO Group alone, either. Not only did Microsoft, Google, and Cisco back the Meta (then-Facebook) lawsuit against the organization, but these zero-click exploits have caught the eye of the US government as well. The New York Times notes that the Biden administration has blacklisted both NSO Group and another company, Candiru, meaning no US-based organization can work with either company.

In today’s announcement, Apple said that it will contribute $10 million plus any damages from this lawsuit to “organizations pursuing cybersurveillance research and advocacy,” such as the aforementioned Citizen Lab and Amnesty Tech. The company also says that it hasn’t seen any indication of remote attacks being carried out on devices running iOS 15 and later, so if you’re still on an old version of iOS, it sounds like it’s a very good idea to apply any software updates that may be waiting.

The company will be reaching out to those who were impacted by these zero-click exploits and the Pegasus spyware. In addition, we’ll keep you updated on this lawsuit and any others the NSO Group may face from US-based companies.


Must Read Bits & Bytes