Spyware - Apple Starts Legal Action Against NSO Group

Uploaded on 2021-11-29 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Law, BUSINESS-Services-IT & Telecoms

Apple is suing Israeli spyware firm NSO Group and its parent company for allegedly targeting iPhone users with a powerful hacking tool. 

NSO's Pegasus software can infect both iPhones and Android devices, allowing operators to extract messages, photos and emails, record calls and secretly activate microphones and cameras.

The complaint provides new information on how NSO Group infected victims’ devices with its Pegasus spyware. 

The lawsuit was filed in the federal court in San Jose, California, and alleges that NSO Group was engaged in concerted efforts in 2021 to attack Apple customers, products and servers through dangerous malware and spyware. “State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change,” said Craig Federighi, Apple’s senior vice president of Software Engineering. 

US Government Blacklist

The Apple action follows only a couple of weeks after the  Israeli company was added to a US trade blacklist.
NSO Group's Pegasus software has reportedly been used by nation states to target the phones of rights activists and journalists and has consequently placed NSO Group, on its "entity list", banning business dealings with them.

The other firms added to the list with NSO Group are fellow Israeli spyware agency Candiru, Russia’s Positive Technologies and Singapore’s Computer Security Initiative Consultancy.

The Israeli company has in the past sold its surveillance software to Saudi Arabia, Mexico, the United Arab Emirates and other countries with poor human rights records. The company has consistently defended its actions by claiming that its surveillance tools are meant to be used by its customers to investigate serious crimes and terrorism. It has also alleged that it has no information about how its tools are used against targets.

Apple wants to hold NSO Group and its parent company OSY Technologies "accountable for the surveillance and targeting of Apple users" and is seeking a permanent injunction to ban NSO Group from using any Apple devices, software or services "to prevent further abuse and harm to its users...  "Defendants are notorious hackers, amoral 21st century mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and flagrant abuse," Apple wrote in its legal complaint.

The US government statement about placing put NSO Group on its trade blacklist says that that the company's software had "enabled foreign governments to conduct transnational repression, which is the practice of authoritarian governments targeting dissidents, journalists and activists". 

NSO denies those claims, saying it only works with law enforcement, military, and intelligence agencies from countries with good human-rights records.

In July, Paris-based non-profit Forbidden Stories and Amnesty International said NSO's Pegasus spyware may have been used to snoop on more than 1,000 journalists, rights activists and other prominent individuals, from about 50 countries. President Emmanuel Macron's phone number also reportedly showed up on a leaked list of French government minsters said to be bugged with Pegasus. 

Apple stated in its complaint that the NSO created more than 100 fake Apple ID user credentials to carry out its attacks. While its servers were not hacked, the Israeli firm misused and manipulated Apple's servers to deliver the attacks on iPhone users. 

The US and Israel are close allies, with their respective cyber-experts having co-operated to restrain Iran's nuclear programme. But Pegasus spyware has emerged as a formidable cyber-weapon, used by some of the most  autocratic regimes in the Middle East to target a wide range of people, not just criminals and terrorists. Journalists, lawyers, peace activists and other dissidents have all had their phones secretly infected with malware that allows the customer to read every message, access all their data and even remotely turn on the microphone without the owner's knowledge.

Apple:     Reuters:     Computing:     BBC:    JPost:   New York Times:   Times of Israel:    The Print

You Might Also Read:

Your Phone Is Spying On You:

 

« Russia Wants Control Over Big Tech
Tesla Drivers Can’t Unlock Their Cars »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Assure Technical

Assure Technical

Assure Technical offers a holistic approach to Technical Security. Our expertise and services span across the Physical, Cyber and Counter Surveillance domains.

LogicManager

LogicManager

LogicManager offer a complete set of IT governance, risk and compliance software solutions and advisory services.

Arthur J Gallagher & Co

Arthur J Gallagher & Co

Arthur J. Gallagher & Co. is a global insurance brokerage and risk management services firm. Services include Cyber Liability insurance.

Array Networks

Array Networks

Array Networks, the network functions platform company, develops purpose-built systems for hosting virtual networking and security functions with guaranteed performance.

Cybonet

Cybonet

Cybonet is committed to empowering organizations of all sizes with the tools and capabilities to detect and engage cyber security threats.

LIFARS

LIFARS

LIFARS is a global leader in Digital Forensics and Cyber Resiliency Services.

Qufaro

Qufaro

Qufaro is a new initiative designed to make it simpler for those with career ambitions in cyber security to access the UK’s cyber-specific education and innovation opportunities.

Cog Systems

Cog Systems

Cog Systems offer an embedded solution built on modularity, proactive security, trustworthiness, and adaptability to enable highly secure connected devices.

National Cybersecurity Competence Centre (NC3)

National Cybersecurity Competence Centre (NC3)

NC3 has been established in response to growing demands for practically applicable products and solutions for ensuring cybersecurity of critical and non-critical information infrastructures.

Securden

Securden

Securden provide an all-in-one Platform for Next-Gen Privileged Access Governance, helping you to prevent identity thefts, malware propagation, cyber attacks, and insider exploitation.

SecureNation

SecureNation

SecureNation offers a wide variety of cutting-edge technologies and IT services to address almost any of your information security, network security and information assurance needs.

Spike Reply

Spike Reply

Spike Reply is the company within the Reply Group focusing on cybersecurity and personal data protection.

KYND

KYND

KYND has created pioneering cyber risk technology that makes assessing, understanding, and managing business cyber risks easier and quicker than ever before.

Distology

Distology

Distology are an award-winning cloud security distributor bringing a wealth of experience and strong relationships with a huge breadth of partners covering the UK, Ireland and Benelux.

Ontinue

Ontinue

Ontinue ION is an MXDR service that provides Nonstop SecOps through five key capabilities that enable your organization to respond to attacks and continuously reduce risk.

Arakyta

Arakyta

Arakÿta specializes in business strategy, work flow process and IT systems for organizations.