Apple sues NSO Group over Pegasus iPhone spyware

Posted:
in iOS edited November 2021
Apple has filed a lawsuit against NSO Group, a firm known for selling the Pegasus spyware tool used by governments to hack iPhones used by criminals, journalists, and activists.




Pegasus is NSO Group's best-known spyware tool, one that was supposedly meant for use against criminal activity, but has been misused against other innocent parties. In a bid to try and stop NSO Group from continuing to provide Pegasus to its clients, Apple filed a lawsuit on Tuesday against both the group and its parent company.

Apple wants to hold NSO Group accountable for its surveillance of some Apple users. The filing is also seeking an injunction to prevent NSO from using any Apple software, services, or devices of any sort.

The lawsuit follows after reports the Pegasus spyware was used against activists and journalists, which first surfaced in July. An indepth investigation determined Pegasus has been used to infiltrate devices used by journalists, potentially since 2016.

By being used against journalists, activists, academics, and government officials, the tool is being used by some governments and agencies to probe those who could be seen as a potential danger.

"State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change," said Apple SVP of Software Engineering Craig Federighi. "Apple devices are the most secure consumer hardware on the market -- but private companies developing state-sponsored spyware have become even more dangerous."

"While these cybersecurity threats only impact a very small number of our customers, we take any attack on our users very seriously," Federighi continued, "and we're constantly working to strengthen the security and privacy protections in iOS to keep all our users safe."

Along with the filing, Apple has said it will be contributing $10 million and damages from the lawsuit to organizations related to cybersurveillance research and advocacy.

Apple is also assisting Citizen Lab, a group that Apple commends alongside Amnesty Tech in uncovering and researching the intrusions and surveillance abuse, by providing pro-bono technical, threat intelligence, and engineering assistance for Citizen Lab's research. Apple is also offering the same assistance to other organizations in the same space.

The lawsuit has been applauded by Citizen Lab director Ron Deibert for holding NSO Group "accountable for their abuses, and hope in doing so Apple will help bring justice to all who have been victimized by NSO Group's reckless behavior."

Following the investigation in July, reports surfaced explaining how Pegasus worked, with it using exploits that attacked Safari, Photos, Apple Music, and iMessage, among other iOS elements.

Victims of the attacks were included human rights activists, and lawyers, as well as journalists from high-profile outlets including CNN, the New York Times, and Al Jazeera, . It was also alleged that data leaks pointed to Pegasus being used by Saudi Arabia and the UAE to target smartphones of people who were close to the murdered journalist Jamal Khashoggi.

Following the discovery of the exploits, Apple has worked to update its operating systems, plugging the vulnerabilities and limiting Pegasus' reach.

Apple's filing includes information about "Forcedentry," an exploit for a now-patched vulnerability used to attack a device for the installation of Pegasus. The attack on Apple devices involved the creation of Apple IDs to send malicious data to the victim, enabling Pegasus to be installed without the target's knowledge.

Apple stresses that while its servers were "misused to deliver" the data, the servers themselves were not hacked nor compromised by the attacks.

"At Apple, we are always working to defend our users against even the most complex cyberattacks," said Apple head of Security Engineering and Architecture Ivan Krstic. "The steps we're taking today will send a clear message: In a free society, it is unacceptable to weaponize powerful state-sponsored spyware against those who seek to make the world a better place."

Read on AppleInsider
«1

Comments

  • Reply 1 of 29
    zoetmbzoetmb Posts: 2,654member
    Good for Apple, but unless NSO was violating copyright or parents or Apple’s licensing agreements, they might not have a case (unfortunately). 
    williamlondonkillroywatto_cobra
  • Reply 2 of 29
    DAalsethDAalseth Posts: 2,783member
    An interesting tactic but I question how effective it will be. I don’t see where the suit was filed, but if it was in California, all NSO has to do is keep their operations offshore and there’s no way to enforce it. 

    I do expect the battle of the press to heat up. Apple is going after NSO for enabling spying on journalists, activists, and private citizens. Expect a blizzard of reports about how Apple is trying to protect criminals, drug dealers, terrorists, and pedos. It’ll come both from NSO and from the legion of Apple Haters out there. 
    cornchipAlex_Vwatto_cobra
  • Reply 3 of 29
    DAalseth said:
    An interesting tactic but I question how effective it will be. I don’t see where the suit was filed, but if it was in California, all NSO has to do is keep their operations offshore and there’s no way to enforce it. 

    I do expect the battle of the press to heat up. Apple is going after NSO for enabling spying on journalists, activists, and private citizens. Expect a blizzard of reports about how Apple is trying to protect criminals, drug dealers, terrorists, and pedos. It’ll come both from NSO and from the legion of Apple Haters out there. 

    Disagree.

    NSO hasn’t been used yet (to my knowledge) to actually catch criminals. It’s being used by oppressive governments to track journalists or other “dissenters”.

    The very nature of their exploits (expensive zero days) means they are only used on a small handful of highly valuable targets. This might also go against Apple in their lawsuit as NSO could claim 99.999% of Apple users have nothing to worry about. 
    killroyrobabaGeorgeBMacwatto_cobra
  • Reply 4 of 29
    lkrupplkrupp Posts: 10,557member
    zoetmb said:
    Good for Apple, but unless NSO was violating copyright or parents or Apple’s licensing agreements, they might not have a case (unfortunately). 
    Nonsense. Apple is alleging NSO’s software has damaged Apple customers. It has nothing to do with copyright or patents.
    killroywilliamlondonigorskyStrangeDaysGeorgeBMacwatto_cobra
  • Reply 5 of 29
    lkrupplkrupp Posts: 10,557member
    If my understanding of this software is correct, Pegasus can attack iOS remotely without the user doing anything. The bigger question is why Apple has not been able to put a stop to it. Is there something about Pegasus and iOS that Apple can’t fix?
    edited November 2021 williamlondonGeorgeBMacAlex_Vwatto_cobra
  • Reply 6 of 29
    lkrupp said:
    If my understanding of this software is correct, Pegasus can attack iOS remotely without the user doing anything. The bigger question is why Apple has not been able to put a stop to it. Is there something about Pegasus and iOS that Apple can’t fix?

    Apple already patched the last version.

    The problem is these are unknown exploits. Nobody is telling Apple about them so they are unaware of their existence.

    With the most recent example, Apple was able to patch within one week once they had access to data from an infected device. That took several months. 
    killroywilliamlondonAlex_Vwatto_cobra
  • Reply 7 of 29
    jungmarkjungmark Posts: 6,926member
    zoetmb said:
    Good for Apple, but unless NSO was violating copyright or parents or Apple’s licensing agreements, they might not have a case (unfortunately). 
    I read somewhere the terms and conditions of signing up for an Apple ID/iCloud requires you follow the laws of California. 
    killroywilliamlondonwatto_cobra
  • Reply 8 of 29
    Interesting that NSO made the exact same excuse that Apple did for illegally scanning users private data without their permission or a search warrant:
    “Thousands of lives were saved around the world thanks to NSO Group’s technologies used by its customers,” an NSO Group spokesperson said in a statement. “Pedophiles and terrorists can freely operate in technological safe-havens, and we provide governments the lawful tools to fight it.”

    GeorgeBMacAlex_V
  • Reply 9 of 29
    DAalseth said:
    An interesting tactic but I question how effective it will be. I don’t see where the suit was filed, but if it was in California, all NSO has to do is keep their operations offshore and there’s no way to enforce it. 

    I do expect the battle of the press to heat up. Apple is going after NSO for enabling spying on journalists, activists, and private citizens. Expect a blizzard of reports about how Apple is trying to protect criminals, drug dealers, terrorists, and pedos. It’ll come both from NSO and from the legion of Apple Haters out there. 

    Disagree.

    NSO hasn’t been used yet (to my knowledge) to actually catch criminals. It’s being used by oppressive governments to track journalists or other “dissenters”.

    The very nature of their exploits (expensive zero days) means they are only used on a small handful of highly valuable targets. This might also go against Apple in their lawsuit as NSO could claim 99.999% of Apple users have nothing to worry about. 
    And you know it for fact? What agency do you work for so you know that much?
    williamlondon
  • Reply 10 of 29
    zoetmb said:
    Good for Apple, but unless NSO was violating copyright or parents or Apple’s licensing agreements, they might not have a case (unfortunately). 
    They were violating the terms of agreement agreed to when they created their Apple IDs.
    williamlondonwatto_cobra
  • Reply 11 of 29
    Interesting that NSO made the exact same excuse that Apple did for illegally scanning users private data without their permission or a search warrant:
    “Thousands of lives were saved around the world thanks to NSO Group’s technologies used by its customers,” an NSO Group spokesperson said in a statement. “Pedophiles and terrorists can freely operate in technological safe-havens, and we provide governments the lawful tools to fight it.”

    You are very confused.

    1) Apple never launched the on-device CSAM scanning
    2) Use of iCloud Photos would be granting permission
    3) Apple already scans your iCloud Photos for CSAM
    4) So do Google, Micrsoft, Dropbox, and others

    Nobody allows images to be stored on their servers w/o scanning to ensure it isn't child porn. 

    https://nakedsecurity.sophos.com/2020/01/09/apples-scanning-icloud-photos-for-child-abuse-images/ ;

    https://www.microsoft.com/en-us/photodna

    https://protectingchildren.google/intl/en/

    williamlondon
  • Reply 12 of 29
    DAalsethDAalseth Posts: 2,783member
    DAalseth said:
    An interesting tactic but I question how effective it will be. I don’t see where the suit was filed, but if it was in California, all NSO has to do is keep their operations offshore and there’s no way to enforce it. 

    I do expect the battle of the press to heat up. Apple is going after NSO for enabling spying on journalists, activists, and private citizens. Expect a blizzard of reports about how Apple is trying to protect criminals, drug dealers, terrorists, and pedos. It’ll come both from NSO and from the legion of Apple Haters out there. 

    Disagree.

    NSO hasn’t been used yet (to my knowledge) to actually catch criminals. It’s being used by oppressive governments to track journalists or other “dissenters”.

    The very nature of their exploits (expensive zero days) means they are only used on a small handful of highly valuable targets. This might also go against Apple in their lawsuit as NSO could claim 99.999% of Apple users have nothing to worry about. 
    I agree completely, NSO hasn't helped to catch a single bad guy, it seems they only sell to repressive regimes. 
    But I fully expect them to use this kind of bs in the press as a tactic. To try and cover and draw attention away from their deeds. 
    Pitch it as a "That giant evil corporation os picking on this little startup that's just trying to help law enforcement". The mainstream press, whose familiarity with Tech is limited to not knowing how to work Outlook, will eat it up. 
    edited November 2021 williamlondoncornchipAlex_V
  • Reply 13 of 29
    chadbagchadbag Posts: 1,999member
    DAalseth said:
    An interesting tactic but I question how effective it will be. I don’t see where the suit was filed, but if it was in California, all NSO has to do is keep their operations offshore and there’s no way to enforce it. 

    I do expect the battle of the press to heat up. Apple is going after NSO for enabling spying on journalists, activists, and private citizens. Expect a blizzard of reports about how Apple is trying to protect criminals, drug dealers, terrorists, and pedos. It’ll come both from NSO and from the legion of Apple Haters out there. 

    Disagree.

    NSO hasn’t been used yet (to my knowledge) to actually catch criminals. It’s being used by oppressive governments to track journalists or other “dissenters”.

    The very nature of their exploits (expensive zero days) means they are only used on a small handful of highly valuable targets. This might also go against Apple in their lawsuit as NSO could claim 99.999% of Apple users have nothing to worry about. 

    And you know this how?  Haven't we had articles about police use of this tool?  I would expect that most of their customers are police/law enforcement agencies...  There is not enough money from despots for a publicly facing company of any reasonable size to do enough business (I didn't say "public company" in the legal sense).  We just hear about the use and mis-use by the despots and their ilk.  You don't hear about the mundane use of these tools to crack organized crime, pedophile rings, traffickers, drug cartels, terrorist related criminals, etc.

    williamlondon
  • Reply 14 of 29
    danoxdanox Posts: 2,799member
    lkrupp said:
    If my understanding of this software is correct, Pegasus can attack iOS remotely without the user doing anything. The bigger question is why Apple has not been able to put a stop to it. Is there something about Pegasus and iOS that Apple can’t fix?
    Government……
    cornchip
  • Reply 15 of 29
    MplsPMplsP Posts: 3,911member
    lkrupp said:
    zoetmb said:
    Good for Apple, but unless NSO was violating copyright or parents or Apple’s licensing agreements, they might not have a case (unfortunately). 
    Nonsense. Apple is alleging NSO’s software has damaged Apple customers. It has nothing to do with copyright or patents.
    If the customers have been harmed but not Apple then the courts will likely dismiss the suit for lack of standing. Apple needs to show that they themselves were harmed.

    I wish Apple luck in this, but I agree with the others in that I don't think it will be very successful. Their best defense is good offense patching the zero day exploits. 
    DAalsethwilliamlondon
  • Reply 16 of 29


    As long as Apple creates rotating back doors (otherwise known as “vulnerabilities”) in their software, someone will be fast enough to get through before it’s closed snd a new one opens elsewhere. 
  • Reply 17 of 29
    MplsP said:
    lkrupp said:
    zoetmb said:
    Good for Apple, but unless NSO was violating copyright or parents or Apple’s licensing agreements, they might not have a case (unfortunately). 
    Nonsense. Apple is alleging NSO’s software has damaged Apple customers. It has nothing to do with copyright or patents.
    If the customers have been harmed but not Apple then the courts will likely dismiss the suit for lack of standing. Apple needs to show that they themselves were harmed.

    I wish Apple luck in this, but I agree with the others in that I don't think it will be very successful. Their best defense is good offense patching the zero day exploits. 
    Harm to Apple’s customers damages the reputation and therefore sales of Apple devices. Ergo Apple is harmed. 
    GeorgeBMac
  • Reply 18 of 29
    I wonder if Apple has a case. Rather than trying to sue, they should plug the security holes that keeps making this company successful in their activities.
  • Reply 19 of 29
    DAalsethDAalseth Posts: 2,783member
    chadbag said:
    DAalseth said:
    An interesting tactic but I question how effective it will be. I don’t see where the suit was filed, but if it was in California, all NSO has to do is keep their operations offshore and there’s no way to enforce it. 

    I do expect the battle of the press to heat up. Apple is going after NSO for enabling spying on journalists, activists, and private citizens. Expect a blizzard of reports about how Apple is trying to protect criminals, drug dealers, terrorists, and pedos. It’ll come both from NSO and from the legion of Apple Haters out there. 

    Disagree.

    NSO hasn’t been used yet (to my knowledge) to actually catch criminals. It’s being used by oppressive governments to track journalists or other “dissenters”.

    The very nature of their exploits (expensive zero days) means they are only used on a small handful of highly valuable targets. This might also go against Apple in their lawsuit as NSO could claim 99.999% of Apple users have nothing to worry about. 

    And you know this how?  Haven't we had articles about police use of this tool?  I would expect that most of their customers are police/law enforcement agencies...  There is not enough money from despots for a publicly facing company of any reasonable size to do enough business (I didn't say "public company" in the legal sense).  We just hear about the use and mis-use by the despots and their ilk.  You don't hear about the mundane use of these tools to crack organized crime, pedophile rings, traffickers, drug cartels, terrorist related criminals, etc.

    And so it begins.
    GeorgeBMac
  • Reply 20 of 29
    I wonder if Apple has a case. Rather than trying to sue, they should plug the security holes that keeps making this company successful in their activities.
    They're trying to do exactly that, when they find them.  This is just another tactic in the overall strategy.  Effective strategies often involve multiple different avenues of attack against the enemy.
    CheeseFreeze
Sign In or Register to comment.