Apple announced on Tuesday it has sued notorious Israeli spyware maker NSO Group over its allegedly “flagrant violations” of US law stemming from efforts to target iPhone users.
The suit is the latest against the beleaguered NSO Group after WhatsApp and Facebook parent company Meta took action in October.
Apple said it is seeking a permanent injunction to prevent NSO Group from ever again using any of its devices, software or services after the Israeli firm’s Pegasus spyware was used to surveil and target Apple users.
“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change,” Craig Federighi, Apple’s senior vice president of Software Engineering, said in a statement.
“Apple devices are the most secure consumer hardware on the market — but private companies developing state-sponsored spyware have become even more dangerous. While these cybersecurity threats only impact a very small number of our customers, we take any attack on our users very seriously, and we’re constantly working to strengthen the security and privacy protections in iOS,” he added.
Apple’s legal complaint alleges that NSO Group implemented a since-patched exploit known as FORCEDENTRY in its spyware that allowed its users to break into Apple devices and install Pegasus.
Apple said it would be contributing $10 million, as well as an unspecified amount of damages it is seeking in court, to organizations that specialize in combatting spyware.
Ron Deibert, the director of the University of Toronto’s Citizen Lab, hailed Apple’s legal action, saying it is a step towards holding NSO Group “accountable for their abuses,” and expressing hope that it will “help to bring justice to all who have been victimized by NSO Group’s reckless behavior.”
“Mercenary spyware firms like NSO Group have facilitated some of the world’s worst human rights abuses and acts of transnational repression, while enriching themselves and their investors,” he said.
NSO has maintained that it only sells its spyware to governments only for lawful purposes, but it has repeatedly been found to be at the center of controversy, including efforts to surveil journalists dissidents and heads of state.
The US sanctioned the company on Oct. 3 after it determined NSO and fellow Israeli surveillance firm Candiru “developed and supplied spyware to foreign governments that used this tool to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers.”