Spyware - Apple Starts Legal Action Against NSO Group

Apple is suing Israeli spyware firm NSO Group and its parent company for allegedly targeting iPhone users with a powerful hacking tool. 

NSO's Pegasus software can infect both iPhones and Android devices, allowing operators to extract messages, photos and emails, record calls and secretly activate microphones and cameras.

The complaint provides new information on how NSO Group infected victims’ devices with its Pegasus spyware. 

The lawsuit was filed in the federal court in San Jose, California, and alleges that NSO Group was engaged in concerted efforts in 2021 to attack Apple customers, products and servers through dangerous malware and spyware. “State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change,” said Craig Federighi, Apple’s senior vice president of Software Engineering. 

US Government Blacklist

The Apple action follows only a couple of weeks after the  Israeli company was added to a US trade blacklist.
NSO Group's Pegasus software has reportedly been used by nation states to target the phones of rights activists and journalists and has consequently placed NSO Group, on its "entity list", banning business dealings with them.

The other firms added to the list with NSO Group are fellow Israeli spyware agency Candiru, Russia’s Positive Technologies and Singapore’s Computer Security Initiative Consultancy.

The Israeli company has in the past sold its surveillance software to Saudi Arabia, Mexico, the United Arab Emirates and other countries with poor human rights records. The company has consistently defended its actions by claiming that its surveillance tools are meant to be used by its customers to investigate serious crimes and terrorism. It has also alleged that it has no information about how its tools are used against targets.

Apple wants to hold NSO Group and its parent company OSY Technologies "accountable for the surveillance and targeting of Apple users" and is seeking a permanent injunction to ban NSO Group from using any Apple devices, software or services "to prevent further abuse and harm to its users...  "Defendants are notorious hackers, amoral 21st century mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and flagrant abuse," Apple wrote in its legal complaint.

The US government statement about placing put NSO Group on its trade blacklist says that that the company's software had "enabled foreign governments to conduct transnational repression, which is the practice of authoritarian governments targeting dissidents, journalists and activists". 

NSO denies those claims, saying it only works with law enforcement, military, and intelligence agencies from countries with good human-rights records.

In July, Paris-based non-profit Forbidden Stories and Amnesty International said NSO's Pegasus spyware may have been used to snoop on more than 1,000 journalists, rights activists and other prominent individuals, from about 50 countries. President Emmanuel Macron's phone number also reportedly showed up on a leaked list of French government minsters said to be bugged with Pegasus. 

Apple stated in its complaint that the NSO created more than 100 fake Apple ID user credentials to carry out its attacks. While its servers were not hacked, the Israeli firm misused and manipulated Apple's servers to deliver the attacks on iPhone users. 

The US and Israel are close allies, with their respective cyber-experts having co-operated to restrain Iran's nuclear programme. But Pegasus spyware has emerged as a formidable cyber-weapon, used by some of the most  autocratic regimes in the Middle East to target a wide range of people, not just criminals and terrorists. Journalists, lawyers, peace activists and other dissidents have all had their phones secretly infected with malware that allows the customer to read every message, access all their data and even remotely turn on the microphone without the owner's knowledge.

Apple:     Reuters:     Computing:     BBC:    JPost:   New York Times:   Times of Israel:    The Print

You Might Also Read:

Your Phone Is Spying On You:

 

« Russia Wants Control Over Big Tech
Tesla Drivers Can’t Unlock Their Cars »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

BruCON

BruCON

Brucon is Belgiums premium security and hacking conference.

CERT Polska

CERT Polska

CERT Polska is the first Polish computer emergency response team and operates within the structures of NASK (Research and Academic Computer Network) research institute.

Egerie

Egerie

EGERIE's RiskManager solution provides a Global, Centralized, and Updated view of risk maps and security measures for your company.

Conscia

Conscia

Conscia provides IT infrastructure solutions and 24/7 services in network, data center, security and mobility.

CyberCrowd

CyberCrowd

CyberCrowd is a cyber security specialist offering technical services, cyber security assessments, guidance and security thought leadership.

Trinexia

Trinexia

Trinexia (formerly Credence Security) is a specialty Value-added Distributor of Cyber Security, Digital Forensics, Security Awareness, Data Security & Governance solutions.

Red Snapper Recruitment

Red Snapper Recruitment

Red Snapper Recruitment is a market leading staffing services provider to the law enforcement, cyber security, offender supervision and regulatory services markets.

Cyber Wales

Cyber Wales

Cyber Wales provides a focus and forum for everyone in the industry, helping businesses come together and collaborate both within Wales and internationally.

Automox

Automox

Remediate vulnerabilities 30X faster than the industry norm – and dramatically reduce your risk with simple, fast, and cloud-native endpoint hardening from Automox.

DDLS

DDLS

DDLS is Australia's largest provider of corporate IT, process training and cybersecurity training courses and certification programs.

ThreatX

ThreatX

ThreatX provides complete web application & API protection to address expanding app footprints and complex attacks.

SEIRIM

SEIRIM

SEIRIM delivers cybersecurity solutions in Shanghai China specializing in Web Application Security, Network Security for SME's, Vulnerability Management, and serving as Managed Security as a Service.

Def-Logix

Def-Logix

Def-Logix was founded in 2008 to help solve cyber threats being experienced by government agencies of the United States.

CyberKinetics

CyberKinetics

CyberKinetics specializes in cloud-based services and solutions for federal agencies and commercial clients with compliance mandates.

SecureFlag

SecureFlag

SecureFlag is dedicated to enhancing secure coding across all technical profiles within the Software Development Lifecycle.

Octane

Octane

Octane is an AI cybersecurity startup using machine learning to identify and fix vulnerabilities in blockchain codebases.