Apple is suing Israel’s NSO Group, the world’s most notorious hacker-for-hire company, for developing and distributing malware to hack devices.
In a complaint filed in federal court in California, the tech giant said that NSO employees “are amoral 21st-century mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and flagrant abuse.”
Craig Federighi, Apple’s senior vice-president of software engineering, said:
“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change.”
Apple took this case to court after Citizen Lab, a cybersecurity group at the University of Toronto, alerted Apple to a zero-click vulnerability that could leave its software susceptible to spyware called Pegasus.
What is Pegasus and how does it work?
Pegasus is the most powerful piece of spyware designed by the Israeli surveillance company NSO. Once the software worms its way onto the victim’s smartphone, it can turn their phone into a 24/7 surveillance device without them noticing.
This software infiltrates phones to harvest personal and location data, be it your messages, photos, or call records, and secretly controls your device’s camera and microphones.
NSO’s spyware is capable of infecting billions of phones, including Android and iOS devices. The same spyware has been used to break into the phones of journalists, human rights activists, and even members of the Catholic clergy.
NSO claims that Pegasus was intended for legitimate law enforcement purposes, but is it really? Some cybersecurity experts have speculated that the company doesn’t really care who or what it sells its services to.
“It is important for all of us to have an awareness of what NSO Group has been up to,” said Chester Wisniewski, lead researcher at security firm Sophos.
“Those of us who look into spyware, which is ultimately what NSO Group produces, have suspected them of doing this for years.”
According to Apple’s complaint, NSO Group distributed its FORCEDENTRY exploit to Apple devices by creating Apple IDs for sending malicious data to a targeted user’s device. This allowed the installation of Pegasus spyware without a victim’s knowledge.
NSO hasn’t released any statement in this regard.
Ron Deibert, Citizen Lab’s director, said, “Mercenary spyware firms like NSO Group have facilitated some of the world’s worst human rights abuses and acts of transnational repression while enriching themselves and their investors.”
“They claim they are selling a carefully controlled ‘lawful interception’ tool, but in reality, what they are providing is despotism-as-a-service,” he continued.
Canadian cybersecurity research firm Citizen Lab played a prominent role in bringing this spyware to light, which led to legal action against the developer.
“If Citizen Lab hadn’t done the work they had done, Apple probably wouldn’t be as upset about it, and therefore they wouldn’t have done anything,” said Wisniewski.
Former NSA contractor Edward Snowden also took to Twitter and praised Citizen Lab for their massive finding.
Reporters writing on the Apple-NSO story should understand this lawsuit would not be *possible* without the years-long investigations of @citizenlab, who are close to single-handedly responsible for uncovering the bulk of what we know about the NSO group’s darkest deeds. https://t.co/3YDVvlwYgn
— Edward Snowden (@Snowden) November 23, 2021
In the complaint against NSO, Apple says that some of its servers were exploited to deliver FORCEDENTRY but were not compromised in the attacks. However, the company also acknowledges that it found a small number of users who may have been targeted by FORCEDENTRY.
Apple also announced that it has contributed $10 million to Citizen Lab and Amnesty Tech to promote their work on cyber-surveillance.