Apple sues creators of Pegasus software to spy on iPhones

pegasus scaled.jpg
pegasus scaled.jpg

After WhatsApp and Meta sued the Israeli company NSO Group for its spyware Pegasus, now Apple is doing the same.

The apple company has announced a lawsuit against NSO Group in an effort to “Curb abuse of state-sponsored spyware”.

Apple seeks compensation for damages (which was not disclosed in today’s announcement) and intends to prohibit the NSO Group from using any “Apple software, service or device” in the future.

According to Apple, NSO Group is responsible for an exploit called FORCEDENTRY, which installs Pegasus spyware on personal devices by exploiting a vulnerability.

Apple points to a September Citizen Lab report as proof that NSO Group is using Pegasus to spy on “Journalists, activists, dissidents, academics and government officials”, violating human rights in the process.

Apple has patched the vulnerability and says that Pegasus was ultimately used to attack only one “Small number” of users.

“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. This has to change », said Apple’s senior vice president of software engineering Craig Federighi in today’s announcement

“Apple devices are the most secure consumer hardware on the market, but private companies that run state-sponsored spy programs have become even more dangerous. Although these cybersecurity threats only affect a very small number of our customers, we take any attack on our users very seriously, and we are constantly working to enforce security and privacy protections in iOS to keep all of our users safe. “

Apple, WhatsApp and Meta are not alone in their pursuit of NSO Group. Not only did Microsoft, Google, and Cisco support Meta’s (then Facebook) lawsuit against the organization, but these exploits they have also caught the attention of the US government.

The Biden administration has blacklisted the NSO Group and another company, Candiru, meaning that no US-based organization can work with either company.

In today’s announcement, Apple has said that will contribute 10 million dollars, plus the damages of this lawsuit, to “Organizations that pursue the investigation and defense of cyber surveillance”, like the aforementioned Citizen Lab and Amnesty Tech.

The company also says that you have not seen any indication of remote attacks carried out on devices running iOS 15 and later, so if you’re still on an old version of iOS, it seems like it’s a very good idea to apply whatever software updates you may be waiting for.

The company will contact those who were affected by these exploits and the Pegasus spyware.