IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Apple sues NSO Group over Pegasus attacks on its customers

The lawsuit claims 'flagrant' violations of US federal and state law from the Israeli firm behind the infamous spyware

Apple has filed a lawsuit against Israel-based NSO Group for allegedly hacking Apple users and violating US federal and state laws.

In addition to the lawsuit against NSO Group and its parent company OSY Technologies, Apple will also seek a permanent injunction to ban NSO Group from using any product made by Apple, including software, hardware, and services.

Apple said NSO Group has created "sophisticated, state-sponsored surveillance technology" to allow whoever purchases a licence to use it to surveil a highly targeted, small selection of individuals.

NSO Group is most famous for creating the Pegasus spyware capable of monitoring and stealing information from specific targets' devices and allegedly selling it to nation-states.

"State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change,” said Craig Federighi, senior vice president of software engineering at Apple.

“Apple devices are the most secure consumer hardware on the market — but private companies developing state-sponsored spyware have become even more dangerous," he added. "While these cybersecurity threats only impact a very small number of our customers, we take any attack on our users very seriously, and we’re constantly working to strengthen the security and privacy protections in iOS to keep all our users safe.”

Apple plans to reveal new information about the FORCEDENTRY exploit Pegasus used to gain access to the microphone, camera, and sensitive data on iOS and Android devices as part of the lawsuit.

NSO Group's hacking history

The exploit was first discovered by Citizen Lab researchers based at the University of Toronto. Apple patched this no-click zero-day vulnerability in September this year which saw bad actors able to send malicious iMessages and infect a victim's iPhone, iPad, Apple Watch, and Mac without any user intervention.

"Part of [NSO Group's] pitch is you don’t need much sophistication; just sit at this console, enter a phone number, and presto, you can start pulling data from that phone," said John Scott-Railton, senior researcher at Citizen Lab to the Darknet Diaries podcast. "Their business model is kind of somewhere between hacking as a service and the provision of software.

"Basically what they’re offering to their customers is the ability to target an arbitrary cell phone and gain access and persistence," he added.

Earlier this year, a joint investigation by 17 global media organisations revealed that Pegasus spyware was sold to authoritarian governments and then targeted at least 50,000 journalists, government officials, human rights activists, and other high-profile figures.

Related Resource

Hybrid cloud for video surveillance

What it is and why you'll want one

Wasabi_Hybrid_Cloud_Video_Surveillance_WP_coverFree download

In perhaps the most high-profile Pegasus case to date, forensic investigations following the high-profile killing of journalist Jamal Khashoggi in 2018, ordered by the Saudi Arabian government - an NSO Group client, revealed Pegasus spyware was found on his mobile phone.

Asked directly about whether it knows that Pegasus was being used to surveil journalists and violate human rights, Shalev Hulio, co-founder of and the 'S' in NSO Group, said to Darknet Diaries: "I only say that we are selling Pegasus in order to prevent crime and terror".

That's the typical line given to media from NSO Group which believes Pegasus has saved the lives of tens of thousands of people.

US sanctions and financial instability

The US imposed sanctions on NSO Group in November 2021, along with three other companies, stipulating that no US companies may have any dealings with NSO Group without a license from the US government. 

The move prompted NSO Group's CEO Isaac Benbenisti to quit the role he accepted less than a week prior. Benbenisti hadn't even started his job at NSO Group before his resignation was announced a week after US sanctions were announced.

The sanctions had additional ripple effects on the company as Bloomberg reported that Wall Street is now treating it as a distressed asset, which could lead to further revenue contraction, and that it is currently struggling to repay a $500 million (£374 million) debt.

NSO Group is reportedly facing cash flow issues and recent alleged attempts to generate further sales with nations such as France - an allegation France denies - have failed.

Featured Resources

The 3D skills report

Add 3D skills to your creative toolkits and play a sizeable role in the digital future

Free Download

The increasing need for environmental intelligence solutions

How sustainability has become a major business priority and is continuing to grow in importance

Free Download

2022 State of the multi-cloud report

What are the biggest multi-cloud motivations for decision-makers, and what are the leading challenges

Free Download

Solve global challenges with machine learning

Tackling our word's hardest problems with ML

Free Download

Recommended

Apple issues patch for macOS security bypass vulnerability
Security

Apple issues patch for macOS security bypass vulnerability

20 Dec 2022
Apple issues fix for ‘actively exploited’ WebKit zero-day vulnerability
Security

Apple issues fix for ‘actively exploited’ WebKit zero-day vulnerability

14 Dec 2022
Apple steps up user security with end-to-end encryption for iCloud
encryption

Apple steps up user security with end-to-end encryption for iCloud

8 Dec 2022
Apple and AMD will both be 'major customers' of TSMC's new Arizona fabs
Hardware

Apple and AMD will both be 'major customers' of TSMC's new Arizona fabs

7 Dec 2022

Most Popular

Why energy efficient technology is key to a sustainable business
Sponsored

Why energy efficient technology is key to a sustainable business

16 Jan 2023
Yandex data breach reveals source code littered with racist language
data breaches

Yandex data breach reveals source code littered with racist language

30 Jan 2023
European partners expect growth this year, here are three ways they will achieve it
Sponsored

European partners expect growth this year, here are three ways they will achieve it

17 Jan 2023