Apple filed a lawsuit against NSO Group, the Israeli company that developed the Pegasus spyware, and its parent company in order to ascertain responsibility for the “surveillance and targeting” of Apple users. The lawsuit also provides new information on how NSO Group infected victims’ devices with its own spyware. Furthermore, to prevent future abuse and harm to its users, Apple will also require a permanent injunction to prohibit NSO Group from using any Apple software, service, or device.
Apple’s legal action also provides new information on FORCED ENTRY, an exploit of NSO Group which, exploiting a vulnerability fixed with iOS 14.8, was used to force access to the victim’s Apple device and install the latest version of Pegasus. The exploit was originally identified by Citizen Lab, a research group at the University of Toronto.
To deploy FORCED ENTRY on Apple devices, the attackers created Apple IDs (over 100, the complaint reads) to send malicious data to the victim’s device and thus allow NSO Group or its customers to distribute and install Pegasus spyware without the victim’s knowledge. Despite the abuse suffered for the distribution of FORCED ENTRY, Apple points out, its servers were not hacked or compromised during these attacks.
Pegasus spyware has been used to attack a small number of Apple users, particularly journalists, activists, dissidents, academics, and government officials, with dangerous malware and spyware and was designed to enable highly targeted cyberattacks, which allow you to access the microphone, camera, and other sensitive data, even on Android smartphones. Furthermore, it is able to infect devices without requiring any action from the user and without leaving a trace
This legal action by Apple is intended to prevent NSO Group from further harming people by using Apple products and services. The Cupertino-based company is also seeking compensation for NSO Group’s blatant violations of US federal and state regulations resulting from its targeting and attacking activities against Apple and its users.
“This situation must change,” he has declared Craig Federighi, Apple’s Senior Vice President of Software Engineering.
Apple devices are the safest consumer hardware on the market, but private companies developing state-sponsored spyware have become increasingly dangerous. While these cybersecurity threats only affect a very small number of customers, we take every single attack on our users seriously and are constantly working to enhance the security and privacy protection features in iOS to protect all of our users.
Apple is constantly investing in enhancing features to protect the security and privacy of its users. iOS 15, released in recent months, integrates new protections, including important updates to the Blast Door security mechanism.
Although NSO Group’s spyware continues to evolve, the note concludes, Apple found no evidence of successful remote attacks against devices with iOS 15 and later, however, invites users to always update their devices and always use the latest software.
To further strengthen the cyber-surveillance abuse identification activities carried out by companies such as Citizen Lab and Amnesty Tech, Apple will make a contribution of $ 10 million, in addition to any damage resulting from the legal action, to organizations of researchers and activists working to combat cyber-surveillance. Apple will also support Citizen Lab researchers with technical assistance and, if necessary, will also provide the same assistance to other organizations carrying out similar activities.
NSO Group, we recall, was recently included in the blacklist of the US Department of Commerce which, in fact, initiates a real ban against it, preventing US companies from having commercial relations.