Apple Files Lawsuit Against NSO Group for Hacking iPhones on Behalf of Governments

Posted on

iPhone maker Apple has sued an Israeli firm called NSO Group that sells software to government agencies and law enforcement that allows them to hack iPhones.

It was earlier this year that Amnesty International discovered recent-model iPhones belonging to journalists and human rights lawyers that had been infected with NSO Group malware.

Amnesty International said that it found evidence of a hacked iPhone 12 and had obtained a leaked list of 50,000 phone numbers targeted by NSO Group software.

Apple patched the flaws that enabled the NSO Group malware and would warn iPhone owners who may have been targeted.

The company is seeking permanent injunction to ban NSO Group from using Apple software, services, or devices and is seeking damages over $75,000.

“The steps Apple is taking today will send a clear message: in a free society, it is unacceptable to weaponize powerful state-sponsored spyware against innocent users and those who seek to make the world a better place,” tweeted Ivan Krstic, Apple’s head of security engineering and architecture.

NSO Group software permits “attacks, including from sovereign governments that pay hundreds of millions of dollars to target and attack a tiny fraction of users with information of particular interest to NSO’s customers,” Apple said in the lawsuit and that it is not “ordinary consumer malware.”

Apple said the attacks were only targeted at a small number of customers, and said on Tuesday it will inform iPhone users that may have been targeted by Pegasus malware.

“To deliver FORCEDENTRY to Apple devices, attackers created Apple IDs to send malicious data to a victim’s device — allowing NSO Group or its clients to deliver and install Pegasus spyware without a victim’s knowledge,” Apple said on Tuesday. “Though misused to deliver FORCEDENTRY, Apple servers were not hacked or compromised in the attacks.”

The NSO Group created Apple ID accounts and violated the iCloud terms of service to operate its spyware, Apple added.

The lawsuit was filed in federal court in the Northern District of California.

“Thousands of lives were saved around the world thanks to NSO Group’s technologies used by its customers,” an NSO Group spokesperson said in a statement. “Pedophiles and terrorists can freely operate in technological safe-havens, and we provide governments the lawful tools to fight it. NSO Group will continue to advocate for the truth.”

Disclaimer: We have no position in any of the companies mentioned and have not been compensated for this article.