
Apple sues NSO Group because its Pegasus spyware was used to target iPhone users

2021 November 23
by RSS Feed

Apple is taking Israel’s NSO Group to court because its Pegasus spyware was used extensively for surveillance and targeting of high-profile iPhone users.

On the Apple Newsroom website, the iPhone maker defines NSO Group as a software company that creates “sophisticated, state-sponsored surveillance technology that allows its highly targeted spyware to surveil its victims.”

From the announcement:

Apple today filed a lawsuit against NSO Group and its parent company to hold it accountable for the surveillance and targeting of Apple users. The complaint provides new information on how NSO Group infected victims’ devices with its Pegasus spyware. To prevent further abuse and harm to its users, Apple is also seeking a permanent injunction to ban NSO Group from using any Apple software, services or devices.

Apple’s software chief Craig Federighi says something needs to be done about companies like NSO Group spending significant resources on sophisticated surveillance technologies without effective accountability.

Apple devices are the most secure consumer hardware on the market—but private companies developing state-sponsored spyware have become even more dangerous. While these cybersecurity threats only impact a very small number of our customers, we take any attack on our users very seriously, and we’re constantly working to strengthen the security and privacy protections in iOS to keep all our users safe.

The lawsuit seeks to ban NSO Group from “further harming individuals” by using Apple’s products and services, and it seeks redress for the Israeli company’s violations of US federal and state law.

How Pegasus spyware works

The software takes advantage of so-called zero-day exploits.

A zero-day exploit takes advantage of a vulnerability in computer software for which there’s no patch because it’s unknown to those who should be interested in its mitigation. Apple has a bounty program that rewards hackers for identifying critical bugs, but oftentimes zero-day exploits end up in the wrong hands. Parties like the FBI and CIA pay millions of dollars for the license to use surveillance software such as NSO Group’s.

When Apple patches a known zero-day vulnerability, it affects companies like NSO Group, which must find other vectors of attack or wait until another zero-day is discovered. Pegasus was used against a group of journalists, activists, dissidents, academics and government officials.

iPhones of those high-profile targets were broken into thanks to a particularly nasty vulnerability in the iMessage media parsing engine (which Apple has fixed with iOS 14.8). It allows a bad actor to send a victim a maliciously crafted iMessage that doesn’t light up the screen, produce a sound or put up a banner.

It also doesn’t appear in the Messages list so the victim is completely unaware that something’s going on. The message causes a memory leak in Messages that allows the spyware to be installed. Now the remote operator has the power to download just about anything stored on your phone, including your photos, messages, call list and so on.

Apple has acknowledged that iOS 15 packs new security protections, including “significant upgrades” to the BlastDoor security mechanism that was designed to shield Messages from such attacks. “While NSO Group spyware continues to evolve, Apple has not observed any evidence of successful remote attacks against devices running iOS 15 and later versions,” the company notes.

Pegasus also targets cloud data on infected phones, making it that much more dangerous.
