Apple sues Pegasus spyware makers, says abuse of state-sponsored spyware must stop
In its lawsuit, Apple provided new details about how the NSO Group infected devices with its Pegasus spyware.
The Pegasus controversy has once again erupted with Apple suing NSO Group to curb the abuse of state-sponsored spyware. Apple also announced a $10 million contribution to support cyber-surveillance researchers and advocates.
Seeking a jury trial in the United States District Court in San Jose, California, the smartphone maker accused the Israeli firm and its parent company of surveillance and targeting of Apple users. In its lawsuit, Apple provided new details about how the NSO Group infected devices with its Pegasus spyware. To safeguard its customer interests, Apple is also seeking a permanent injunction to ban NSO Group from using any Apple devices, software or services.
According to Craig Federighi, senior vice president of Software Engineering at Apple, state-sponsored actors like the NSO Group spend millions of dollars for developing cutting-edge technologies for surveillance but at the expense of accountability. Claiming that private companies developing state-sponsored spyware had become even more lethal, Federighi said that lack of accountability must end even though Apple, at its end, is doing its best to strengthen security and privacy protections in the iOS.
In the lawsuit, Apple details how the spyware, which allows the NSO Group and its clients to access the microphone, camera, and other sensitive data on Apple and Android devices, is installed on a victim's phone. Apple claims that an exploit named FORCEDENTRY was used to break into some Apple devices and install the latest version of Pegasus spyware. The Citizen Lab, a research group at the University of Toronto, was the first to identify this exploit.
Apple further describes in its lawsuit that attackers created Apple IDs to send malicious data to a victim's device in order to deliver FORCEDENTRY to their devices, which allowed the Israeli firm or its clients to deliver and install Pegasus spyware without the target's knowledge. The company denied Apple servers being ever hacked or compromised through the FORCEDENTRY attacks.
The Cupertino-based company also boasted about how its iOS 15 was able to successfully thwart remote attacks against devices running on that system. It also urged all users to update their iPhones and always use the latest software. Stating that privacy is a fundamental human right, Apple also announced that it is contributing $10 million to support cyber-surveillance researchers.
In the past, after reports emerged about the Pegasus spyware being abused to target journalists, activists, dissidents, academics, and government officials across the world, including in India, the NSO group had clarified that the Pegasus spyware was not available for individuals but sold to vetted governments.