Apple on Tuesday filed a lawsuit against mercenary spyware company NSO Group and its parent company, seeking a permanent injunction that bans NSO Group from using any Apple software, services or devices. The complaint also provides new information on how NSO Group infected victims’ Apple devices with its Pegasus spyware.
“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change,” said Craig Federighi, Apple SVP of Software Engineering, said in a statement. “While these cybersecurity threats only impact a very small number of our customers, we take any attack on our users very seriously, and we’re constantly working to strengthen the security and privacy protections in iOS to keep all our users safe.”
Apple’s complaint says NSO Group delivered its FORCEDENTRY exploit to Apple devices by creating Apple IDs that sent malicious data to a victim’s device. This enabled the installation of Pegasus spyware without a victim’s knowledge.
Researchers with Citizen Lab discovered the zero-day, zero-click exploit in September, and Apple released an urgent security update for Mac, iPhone, iPad and Watch users to patch the vulnerability.
Apple says in its complaint that Apple servers were misused to deliver FORCEDENTRY but were not hacked or compromised in the attacks. The company also said it is notifying the small number of users that it discovered may have been targeted by FORCEDENTRY.
Apple also said it is contributing $10 million, as well as any damages from the lawsuit, to organizations like the Citizen Lab and Amnesty Tech to further cybersurveillance research and advocacy.