[TheRecord] Apple sues spyware maker NSO Group

Apple announced earlier today that it filed a lawsuit against NSO Group, the Israeli company behind Pegasus, a powerful spyware and surveillance platform capable of infecting and taking over even the most secure and up-to-date iPhones.

Apple cited the repeated abuse of this tool to breach and spy on innocent victims by oppressive regimes.

“Researchers and journalists have publicly documented a history of this spyware being abused to target journalists, activists, dissidents, academics, and government officials,” the OS maker said in a press release today.

According to court documents [sourcearchive], Apple is now seeking a court injunction against NSO Group, asking a judge to ban the company from with its devices and software.

In legal terms, the injunction would effectively prevent NSO from deploying the Pegasus spyware on new Apple devices and would also block NSO employees from updating the spyware to support new iOS releases.

Lawsuit related to recent FORCEDENTRY exploit

Apple is the second major tech company that has sued the NSO Group in a US court. In October 2019, Facebook (now rebranded as Meta) had also sued the Israeli spyware maker for creating and using a WhatsApp zero-day in May 2019.

Just like in Apple’s lawsuit today, Facebook said the NSO Group sold the zero-day to questionable customers who then abused it to hack into the devices of seemingly innocent people, like attorneys, journalists, human rights activists, political dissidents, diplomats, and government officials, as part of a broad surveillance operation.

In Apple’s case, the OS maker cited a recent iOS zero-day named FORCEDENTRY that the NSO Group developed earlier this year.

Citizen Lab report claims the iOS zero-day appears to have sold to a Bahrain government client, which then abused it to hack dissidents, bloggers, and political rivals.

“Mercenary spyware firms like NSO Group have facilitated some of the world’s worst human rights abuses and acts of transnational repression, while enriching themselves and their investors,” said Ron Deibert, director of the Citizen Lab at the University of Toronto.

“I applaud Apple for holding them accountable for their abuses, and hope in doing so Apple will help to bring justice to all who have been victimized by NSO Group’s reckless behavior.”

Apple to donate $10 million and lawsuit winnings

In addition, Apple said it would be donating $10 million, as well as any damages from the lawsuit, to organizations conducting research on cyber-surveillance tools.

Because Citizen Lab exposed most of the spying campaigns conducted with NSO’s Pegasus spyware, Apple said it would also be providing pro-bono support to the research laboratory, which operates at the Munk School of Global Affairs & Public Policy, at the University of Toronto.

The NSO Group did not return a request for comment.

Is Apple being opportunistic?

The Apple lawsuit also comes after the US government also dealt a blow to the Israeli company last month when it sanctioned its operations, effectively preventing US companies from engaging with NSO.

According to a report published today, hours before the lawsuit became public, the sanctions caused a deep crisis at the Israeli company, now on the verge of shuttering.

“To me, Apple’s announcement is very opportunistic and looks more like a campaign to cuddle and get on the good side of the research community (i.e. contributing 10 million USD plus any damages from the lawsuit),” Stefan Soesanto, Senior Cyber Defence Researcher at the Center for Security Studies at the Swiss Federal Institute of Technology (ETH) in Zurich, told The Record.

“Meta/Whatsapp did all the heavy lifting with their ongoing NSO lawsuit, the US government blacklisted NSO earlier this month, and now Apple is swooping in to collect on the low-hanging fruits.

“Overall, I think this is more about Apple trying to polish and redirect the narrative on its security and privacy shortcomings than about NSO,” Soesanto added.

The post Apple sues spyware maker NSO Group appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

Daily NCSC-FI news followup 2020-05-17

Who Controls Huawei? [PDF] www.ui.se/globalassets/butiken/ui-paper/2020/ui-paper-no.-5-2020.pdf = EU member states should adopt a unitary interpretation of the toolbox. A complete ban on Huawei from the rollout of European 5G might not be necessary, but the EU and its member states should strive for a significant reduction in Huaweis market share. Putin Is Well on His Way […]

Read More

Daily NCSC-FI news followup 2021-08-30

Hackers, tractors, and a few delayed actors. How hacker Sick Codes learned too much about John Deere: Lock and Code S02E16 blog.malwarebytes.com/podcast/2021/08/hackers-tractors-and-a-few-delayed-actors-how-hacker-sick-codes-learned-too-much-about-john-deere-lock-and-code-s02e16/ No one ever wants a group of hackers to say about their company: We had the keys to the kingdom.. But thats exactly what the hacker Sick Codes said on this weeks episode […]

Read More

Daily NCSC-FI news followup 2019-08-30

Phishers are Angling for Your Cloud Providers krebsonsecurity.com/2019/08/phishers-are-angling-for-your-cloud-providers/ Many companies are now outsourcing their marketing efforts to cloud-based Customer Relationship Management (CRM) providers. But when accounts at those CRM providers get hacked or phished, the results can be damaging for both the clients brand and their customers. Heres a look at a recent CRM-based phishing […]

Read More