After WhatsApp and Meta sued the Israeli company NSO Group for its Pegasus spyware, now Apple is doing the same.
the apple company was announced a lawsuit against the NSO Group in an effort to “Limit state-sponsored spyware abuse.”
Apple seeks damages (which was not disclosed in today’s announcement) and intends to prohibit the NSO Group from using any “Apple Software, Service, or Device” in the future.
According to Apple, the NSO Group is responsible for an exploit called FORCEDENTRY, which installs Pegasus spyware on personal devices exploiting a vulnerability.
Apple points to a Citizen Lab report for September as proof that the NSO Group is using Pegasus to spy “Journalists, activists, dissidents, academics and government officials”, violating human rights in the process.
Apple has fixed the vulnerability and says Pegasus ended up being used to attack just one “small number” of users.
“State-sponsored actors such as the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. This has to change », Apple’s senior vice president of software engineering Craig Federighi said in today’s announcement
“Apple devices are the safest consumer hardware on the market, but private companies running state-sponsored spy programs have become even more dangerous. While these cybersecurity threats only affect a small number of our customers, we take any attacks on our users very seriously and are constantly working to strengthen the security and privacy protections in iOS to keep all of our users safe. “
Apple, WhatsApp and Meta are not alone in their search for the NSO Group. Not only did Microsoft, Google and Cisco support Meta’s (then Facebook) lawsuit against the organization, but these exploits they also caught the attention of the US government.
The Biden administration has blacklisted the NSO Group and another company, Candiru, meaning that no US-based organization can work with either company.
In today’s announcement, Apple said that will contribute 10 million dollars, in addition to the damages and losses of this action, to “Organizations that pursue the investigation and defense of cyber surveillance”, such as the Citizen’s Laboratory and Amnesty Technology already mentioned.
The company also says that you didn’t see any indication of remote attacks performed on devices running iOS 15 and later, so if you’re still using an older version of iOS, it seems like a good idea to apply any software updates you’ve been waiting for.
The company will contact those affected by these exploits and by Pegasus spyware.