Apple has filed a lawsuit against the Israeli firm NSO Group and its parent group for targeting and surveillance of iPhone and Mac users with its Pegasus spyware. In a bid to protect its customers from further harm, the company is seeking a permanent injunction to ban NSO Group from using any of its products and services.
NSO Group is behind many popular iPhone and Mac spyware that has been used to target and spy on journalists and other high-level government executives. The lawsuit also provides more details on how the group’s FORCEDENTRY exploit was used to break into a victim’s phone and install the Pegasus spyware on it.
NSO Group and its clients devote the immense resources and capabilities of nation-states to conduct highly targeted cyberattacks, allowing them to access the microphone, camera, and other sensitive data on Apple and Android devices. To deliver FORCEDENTRY to Apple devices, attackers created Apple IDs to send malicious data to a victim’s device — allowing NSO Group or its clients to deliver and install Pegasus spyware without a victim’s knowledge. Though misused to deliver FORCEDENTRY, Apple servers were not hacked or compromised in the attacks.
Apple will be informing the small amount of iPhone users who were targeted using the FORCEDENTRY exploit. It will also do so for all future state-sponsored spyware attacks that it discovers.
Apple highlights in its press release that researchers found other mobile platforms to have 15x more malware infections than iPhone, with only 2 percent of malware targeting iOS devices. Additionally, Apple has included several new security protections in iOS 15, and the company has “not observed any evidence of successful remote attacks against devices running iOS 15.”
Apple also intends to support the Citizen Lab group with pro-bono technical, threat intelligence, and engineering assistance. It will also be contributing $10 million and any damages awarded to it from the lawsuit to organizations working on cyber-surveillance research and advocacy.