Skip to content
Apple files lawsuit against NSO Group over Pegasus spyware – TechCrunch


Apple has filed a lawsuit against NSO Group, the maker of state spyware Pegasus, seeking a permanent injunction to prevent the spyware maker from using any Apple product or service.

In a statement, Apple said it was seeking the injunction to “prevent further abuse and harm to its users.”

Israeli company NSO Group is developing Pegasus, spyware that gives its government clients nearly complete access to a target’s device, including their personal data, photos, messages, and precise location. The spyware works by exploiting previously unknown vulnerabilities in iPhone software. Many targeted people, including journalists, activists and human rights defenders, received malicious links in text messages, but Pegasus was recently able to silently hack iPhones without any user interaction.

Several authoritarian governments use Pegasus, notably in Bahrain, Saudi Arabia, Rwanda, United Arab Emirates and Mexico; however, NSO has repeatedly refused to name or confirm its dozens of clients, citing nondisclosure agreements.

Apple’s complaint, filed Tuesday, aims to make it much more difficult for NSO to find and exploit vulnerabilities in iPhone software to hack its targets.

Researchers at Citizen Lab discovered earlier this year that NSO Group had developed a new exploit capable of bypassing new protections built into iPhone software, known as BlastDoor, which Apple designed largely to prevent attacks from type NSO by filtering out malicious payloads that could be used to compromise a device. This so-called zero-click vulnerability – so named because it does not force the victim to click on links to be infected – has been dubbed ForcedEntry by Citizen Lab for its ability to bypass Apple’s BlastDoor protections. Apple fixed the vulnerability in September after finding it affected all Apple devices, not just iPhones.

Apple said NSO uses Apple’s own services to deliver spyware. By seeking a permanent injunction, Apple wants to ban NSO from using any of its services to launch attacks against people targeted by its government customers.

“At Apple, we always strive to defend our users against the most complex cyber attacks. The actions we take today will send a clear message: in a free society, it is unacceptable to arm powerful state-funded spyware against those who seek to make the world a better place, ”said Ivan Krstić, Chief Apple Security. “Our threat intelligence and engineering teams are working around the clock to analyze new threats, quickly fix vulnerabilities and develop new cutting-edge protections in our software and silicon. Apple operates one of the most sophisticated security engineering operations in the world, and we will continue to work tirelessly to protect our users from abusive state-sponsored actors like NSO Group. “

Apple said it notified known victims targeted by the ForcedEntry exploit and said it notifies victims it says were targeted by state-sponsored spyware.

An email to the NSO Group media email address was bounced as undeliverable.

Not all news on the site expresses the point of view of the site, but we transmit this news automatically and translate it through programmatic technology on the site and not from a human editor.