Apple sues a company known for hacking iPhones on behalf of governments

November 25, 2021: -On Tuesday, Apple sued NSO Group. This Israeli firm sells software to government agencies and law enforcement, enabling them to hack iPhones and read their data, including messages and other communications.

This year, Amnesty International said it discovered recent-model iPhones which prevent journalists and human rights lawyers from being infected with NSO Group malware called Pegasus.

Apple seeks a permanent injunction to ban NSO Group from using Apple software, services, or devices. It is which seeks damages over $75,000.

Apple is considering the lawsuit to be a warning to other spyware vendors. “The steps Apple is taking today sending a clear message: in a free society, it is unacceptable to weaponize powerful state-sponsored spyware against innocent users and those seeking to make the world a better place,” Ivan Krstic, Apple’s head of security engineering and architecture, said in a tweet.

NSO Group software permits “attacks, which include from sovereign governments that pay hundreds of millions of dollars to target and attack a tiny fraction of users with information of particular interest to NSO’s customers,” Apple said in the lawsuit filed in federal court in the Northern District of California, which states that it is not “ordinary consumer malware.”

Apple also said on Tuesday it had patched the flawed enabling the NSO Group software to access private data on iPhones using “zero-click” attacks where the malware is delivered through a text message and leaves little trace of infection.

Apple alleged in its lawsuit, Pegasus’ users can remotely surveil the iPhone owner’s activities, collect emails, text messages, and browsing history, accessing the device’s microphone and camera.

Apple said the attacks were only targeted at a few customers, and it said it would inform iPhone users who may have been targeted by Pegasus malware.

“To deliver FORCED ENTRY to Apple devices, attackers created Apple IDs to send malicious data to a victim’s device, which allows NSO Group or its clients to deliver and install Pegasus spyware without a victim’s knowledge,” Apple said in its announcement. “Though misused to deliver FORCED ENTRY, Apple servers were not hacked or compromised in the attacks.”

Apple said that the NSO Group created Apple ID accounts and violated the iCloud terms of service to operate its spyware.

NSO Group is accused of using “0day” bugs to create its spyware, or flaws that Apple has not yet fixed. Once Apple fixes an exploit, it’s no longer a 0day, and users can protect themselves by updating their iPhone software.