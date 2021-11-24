Apple sued NSO Group, the Israeli company behind the Pegasus spyware, holding it responsible for the surveillance and tracking of Apple users.

With the lawsuit filed in the Northern California District Court, Apple gave information on how NSO Group infected victims’ devices with its Pegasus spyware, and more importantly, asked a permanent injunction to prohibit NSO Group from using any Apple software, service or device.

Who is NSO Group



NSO Group is an Israeli surveillance company that has been operating for some time and, according to the statements of the same company, “its technology is licensed to licensed government agencies for the sole purpose of fighting crime and terror“.

These are the words NSO Group used in 2019 when it was discovered that its technology had allowed spy on Android phones and iPhones by exploiting a fragility of WhatsApp. Facebook, today Meta, owner of the messaging app, sued NSO Group at the end of 2019 for having carried out hacking activities on WhatsApp users.

Most recently, NSO Group has made a splash for getting permission through Pegasus’ spyware spy on over 50,000 personalities watched over by various governments, including Hungary, Saudi Arabia and the United Arab Emirates, and for exploiting an iOS flaw to give the Bahraini government the ability to monitor a group of activists.

They are immoral mercenaries, says Apple



In the introduction of the lawsuit, we immediately understand Apple’s position towards the NSO Group: “The defendants are notorious hackers, immoral 21st century mercenaries who have created a highly sophisticated cyber-surveillance apparatus that invites systematic and flagrant abuse. They design, develop, sell, deliver, distribute, operate and maintain offensive and destructive malware and spyware products and services that have been used to target, attack and harm Apple users, Apple products and Apple products. For their own commercial gain, they allow their customers to abuse such products and services to target individuals including government officials, journalists, businessmen, activists, academics, and even US citizens.. “

In a statement from Apple, Craig Federighi, senior vice president of the company’s software department, said: “State-sponsored actors such as the NSO Group spend millions of dollars on sophisticated surveillance technologies without actual accountability. This state of affairs must change. “

He then added: “Apple devices are the safest consumer hardware on the market – but private companies developing state-sponsored spyware have become even more dangerous.“

In the release, Apple refers to the code created by NSO Group called FORCEDENTRY which exploited a zero-click flaw on iOS to spy on iPhones, and which was also used to target activists in Bahrain. According to Apple no more attacks were observed succeeded of this type against devices with iOS 15 and later.

Apple notes that NSO Group and its customers devote the immense resources and capabilities of nation states to conduct highly targeted cyber attacks, allowing them to access the microphone, camera and other sensitive data on Apple and Android devices. To provide FORCEDENTRY to Apple devices, the attackers created several Apple IDs to send malicious data to the victim’s device – allowing NSO Group or its customers to supply and install Pegasus spyware without the victim’s knowledge.

This reference to Apple IDs is important because it allowed Apple to sue the NSO Group, as the court called has jurisdiction over the defendants. because they have created more than one hundred Apple IDs to carry out their attacks and have also accepted Apple’s iCloud terms and conditions, including the mandatory and applicable clause of choice of jurisdiction.

Using the created Apple IDs, NSO would send the data (GIF and PDF) to a target via iMessage (after determining it was using an iPhone), which has been maliciously tampered with to disable iPhone logging. This malicious opening would then allow NSO to secretly install Pegasus spyware and monitor what was going on on the phone.

$ 10 million to raise awareness of the risks of cyber surveillance



On the sidelines of the lawsuit, Apple said it will support organizations that promote cyber surveillance research and awareness, including financially. pledging to distribute $ 10 million for this purpose plus the sums he will be able to obtain as compensation for damages from the lawsuit.

It will also provide technical, threat intelligence and engineering assistance to Citizen Lab, the group of researchers that helped Apple uncover and shut down NSO Group exploits.

Derivative cover image credits: Elliot Brown (CC BY 2.0)