Apple (NASDAQ: AAPL), has filed a lawsuit against NSO Group, an Israeli firm that sells software to government agencies and law enforcement, which allows them to hack iPhones. The malware, called Pegasus, allows the hackers to view messages and other communications within the device. Apple is now seeking a permanent injunction to ban NSO Group from utilizing any Apple software services or devices.
Furthermore, the U.S. government blacklisted NSO Group this month, ultimately banning it from using American technology in its operations.
“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change,” said Craig Federighi, Apple’s senior vice president of Software Engineering. “Apple devices are the most secure consumer hardware on the market — but private companies developing state-sponsored spyware have become even more dangerous. While these cybersecurity threats only impact a very small number of our customers, we take any attack on our users very seriously, and we’re constantly working to strengthen the security and privacy protections in iOS to keep all our users safe.”
According to the company, it has repaired the bug that enabled the NSO Group software through “zero-click” attacks, which delivers the malware through a text message and initiates the infection. Pegasus’s users are able to access the iPhone owner’s microphone and camera as well as emails, text messages, and browsing history, Apple said.
“To deliver FORCEDENTRY to Apple devices, attackers created Apple IDs to send malicious data to a victim’s device — allowing NSO Group or its clients to deliver and install Pegasus spyware without a victim’s knowledge,” Apple said in its announcement. “Though misused to deliver FORCEDENTRY, Apple servers were not hacked or compromised in the attacks.”
NSO Group has yet to comment on the matter.