Apple has launched a lawsuit against NSO Group, the maker of country-state spyware Pegasus, seeking a permanent injunction preventing the spyware maker from using any Apple product or service.
In a statementApple said it is seeking an injunction to “prevent further abuse and harm to its users.”
Israel-based company NSO Group develops Pegasus, a spyware that gives its government customers almost complete access to a target’s device, including their personal data, photos, messages and precise location. Spyware works by exploiting previously unknown vulnerabilities in the iPhone software. Many of those targeted, including journalists, activists and human rights defenders, received malicious links in text messages, but Pegasus has recently been able to silently hack iPhones without any user interaction.
Several authoritarian governments are known to use Pegasus, including Bahrain, Saudi Arabia, Rwanda, the United Arab Emirates, and Mexico; However, NSO has repeatedly declined to name or confirm dozens of its customers, citing non-disclosure agreements.
Apple’s complaint filed tuesday, aims to make it more difficult for NSO to detect and exploit vulnerabilities in iPhone software to hack its targets.
Researchers at Citizen Lab found evidence earlier this year that the NSO Group has developed a new exploit capable of bypassing new protections built into iPhone software, known as Blastdoor, which Apple has developed in large part. It was designed to prevent NSO-style attacks by filtering out malicious payloads. Can be used to compromise a tool. This so-called zero-click vulnerability — named as such because it doesn’t require the victim to click on any links to be infected — has been tied up by Citizen Lab for the ability to skirt the security of Apple’s Blastdoor. was given. Apple patched the vulnerability in September, when it was found to affect all Apple devices, not just iPhones.
Apple said NSO uses Apple’s own services to deliver its spyware. By seeking a permanent injunction, Apple wants to ban NSO from using any of its services to launch attacks against people targeted by its government customers.
“At Apple, we are always working to protect our users from the most complex cyber attacks. The steps we are taking today will send a clear message: In a free society, it is unacceptable to weaponize powerful state-sponsored spyware against those trying to make the world a better place,” said Apple security chief Evan Kristick. said. “Our threat intelligence and engineering teams work round-the-clock to analyze new threats, rapidly patch vulnerabilities, and develop industry-leading new protections across our software and silicon. Apple has the most sophisticated security engineering operations in the world. and we will continue to work tirelessly to protect our users from abusive state-sponsored actors such as the NSO Group.
Apple said its known victims have been notified of those targeted by the ForcedEntry exploit, and said it notifies victims it learns have been targeted with state-sponsored spyware.
The media email of NSO Group was returned as an email not delivered.