Apple has sued NSO Group and its parent company in the United States Federal Court, seeking a permanent injunction to ban the company from using Apple products, including its hardware and software. NSO Group is notorious for creating spyware that has been used to target activists, journalists, and government officials around the globe by different countries. Apple’s announcement explains that NSO Group has created sophisticated that impacted users across both iOS and Android, and led to horrific human rights abuses.
Apple’s complaint specifically outlines FORCEDENTRY, an exploit by NSO Group that is now patched on Apple devices, which was used to target different users worldwide using fake Apple IDs to deliver malicious spyware to victim’s devices. FORCEDENTRY was used to install Pegasus spyware on users’ devices without their knowledge. As we have covered before, Pegasus spyware has been used to leak private photos of female journalists, attack an NYT journalist, hack 37 iOS and Android smartphones belonging to journalists, monitor suspects, hack iPhones of nine activists, and more. Earlier this month, the U.S. government had declared NSO Group as a national security risk.
Craig Federighi, Apple’s senior vice president of Software Engineering, said in Apple’s announcement regarding the lawsuit:
“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change. Apple devices are the most secure consumer hardware on the market — but private companies developing state-sponsored spyware have become even more dangerous. While these cybersecurity threats only impact a very small number of our customers, we take any attack on our users very seriously, and we’re constantly working to strengthen the security and privacy protections in iOS to keep all our users safe.”
Despite the multiple protections that are in place in iOS, NSO Group has been able to silently install spyware on Apple devices and gain access to microphone, camera, and sensitive data. Apple’s announcement says that new protections in iOS 15 like upgraded BlastDoor security have reduced the number of exploits and so far, no new remote attacks have been found.
Apple also appreciated Citizen Lab and Amnesty Tech, which have been working to discover cybersecurity threats and report them to companies. The Cupertino giant promised to contribute $10 million and any damages from the lawsuit to organizations that are involved in cybersurveillance research. Apple will also be providing pro-bono technical, threat intelligence, and engineering assistance to the researchers at the Citizen Lab to help them continue with their activities, and will be expanding similar support to other organizations that are performing similar research.
Lastly, Apple also announced that it will be notifying the small number of users that have been discovered to have been targeted by NSO Group’s FORCEDENTRY exploit. The company will do the same in the future if it discovers any state-sponsored spyware attack.