Apple sues company known for hacking iPhones on behalf of governments. An Israeli firm called NSO Group, provided software to government agencies and law enforcement that enables them to hack iPhones and read the data on them, including messages and other communications.
Earlier this year, Amnesty International said it discovered recent-model iPhones belonging to journalists and human rights lawyers that had been infected with NSO Group malware called Pegasus.
Apple is seeking a permanent injunction to ban NSO Group from using Apple software, services or devices. It’s also seeking damages over $75,000.
Apple considers the lawsuit to be a warning to other spyware vendors. “The steps Apple is taking today will send a clear message: in a free society, it is unacceptable to weaponize powerful state-sponsored spyware against innocent users and those who seek to make the world a better place,” Ivan Krstic, Apple’s head of security engineering and architecture, said in a tweet.
The NSO Group created Apple ID accounts and violated the iCloud terms of service to operate its spyware, Apple said.
NSO Group is accused of using “0day” bugs to create its spyware, or flaws that Apple has not yet fixed. Once Apple fixes an exploit, it’s no longer a 0day and users can protect themselves by updating their iPhone software.
Apple patched flaws to prevent attacks
Apple also said on Tuesday it has patched the flaws that enabled the NSO Group software to access private data on iPhones using “zero-click” attacks where the malware is delivered through a text message and leaves little trace of infection.
Apple said the attacks were only targeted at a small number of customers, and it said on Tuesday it will inform iPhone users who may have been targeted by Pegasus malware.
The U.S. Commerce Department and Facebook also took actions against NSO Group
The U.S. Commerce Department blacklisted NSO Group earlier this month, prohibiting it from using American technology in its operations. Meta, formerly known as Facebook, is also separately suing NSO Group, alleging it helped hack users of Meta subsidiary WhatsApp.
NSO Group supports the use of their tools
“Thousands of lives were saved around the world thanks to NSO Group’s technologies used by its customers,” an NSO Group spokesperson said in a statement. “Pedophiles and terrorists can freely operate in technological safe-havens, and we provide governments the lawful tools to fight it. NSO Group will continue to advocate for the truth.”
Dimitris is an Information Technology and Cybersecurity professional with more than 20 years of experience in designing, building and maintaining efficient and secure IT infrastructures.
Among others, he is a certified: CISSP, CISA, CISM, ITIL, COBIT and PRINCE2, but his wide set of knowledge and technical management capabilities go beyond these certifications. He likes acquiring new skills on penetration testing, cloud technologies, virtualization, network security, IoT and many more.