Apple on Tuesday filed a lawsuit against Israeli technology firm NSO Group and its parent company, primarily known for its proprietary spyware Pegasus. The complaint provides new information on how NSO Group infected victims’ iPhones with its Pegasus spyware.
Apple says it’s seeking a permanent injunction to ban NSO Group from using any Apple software, services, or devices.
About NSO Group
Based out of Herzliya, Israel, NSO Group develops state-sponsored surveillance technology that allows its highly targeted spyware to surveil its victims.
Recently, numerous researchers and journalists have publicly documented the history of this spyware being abused to target journalists, activists, dissidents, academics, and government officials.
What is FORCEDENTRY?
NSO Group uses FORCEDENTRY, an exploit for a now-patched vulnerability previously used to break into a user’s Apple device and install the latest version of NSO Group’s spyware product, Pegasus. It also revealed that it is notifying the “small number of users” who have been targeted via the FORCEDENTRY exploit for a vulnerability.
It was identified by the Citizen Lab, a research group at the University of Toronto.
In the press release, Apple explains
To deliver FORCEDENTRY to Apple devices, attackers created Apple IDs to send malicious data to a user’s device — allowing NSO Group or its clients to deliver and install Pegasus spyware without a user’s knowledge. Though misused to deliver FORCEDENTRY, Apple servers were not hacked or compromised in the attacks.
Apple’s lawsuit seeks to ban NSO Group from further harming individuals by using its products and services. The company will be contributing $10M and any damages from the lawsuit, to organisations pursuing cyber-surveillance research and advocacy.
Craig Federighi, Apple’s senior vice president of Software Engineering, said:
State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change.
Apple devices are the most secure consumer hardware on the market — but private companies developing state-sponsored spyware have become even more dangerous.
Ivan Krstić, head of Apple Security Engineering and Architecture, said:
At Apple, we are always working to defend our users against even the most complex cyberattacks. Our threat intelligence and engineering teams work around the clock to analyse new threats, rapidly patch vulnerabilities, and develop industry-leading new protections in our software and silicon. Apple runs one of the most sophisticated security engineering operations in the world, and we will continue to work tirelessly to protect our users from abusive state-sponsored actors like NSO Group.