Apple has reportedly filed a lawsuit against Israeli cyber firm NSO Group and its parent company OSY Technologies for alleged surveillance and targeting of US Apple users with its PEGASUS spyware.
Reuters quoted the iPhone maker as saying it is also seeking to ban NSO Group from using any Apple software, services or devices to prevent further abuse.
Apple is the latest in a string of companies and governments to go after NSO, the maker of the Pegasus hacking tool that watchdog groups say targeted human rights workers and journalists.
Earlier this month, US officials placed the company on a trade blacklist. NSO has also faced either legal action or criticism from Microsoft, Meta Platforms, Alphabet and Cisco Systems.
NSO is allegedly involved in circumventing security for products made by these companies and selling that circumvention in the form of hacking tools to foreign governments.
In a statement, NSO, which says it sells its tools only to governments and law enforcement agencies and has safeguards in place to prevent misuse, said that “thousands of lives” have been saved through the use of its tools.
“Paedophiles and terrorists can freely operate in technological safe havens, and we provide governments the lawful tools to fight them. NSO Group will continue to advocate for the truth,” a spokesman said in a statement.
In its complaint filed in US district court for the northern district of California, Apple said NSO’s tools were used in “concerted efforts in 2021 to target and attack Apple customers” and that “US citizens have been surveilled by NSO’s spyware on mobile devices that can and do cross international borders”.
Fake IDs
Apple alleged that NSO Group created more than 100 fake Apple ID user credentials to carry out its attacks. Apple said that its servers were not hacked, but that NSO misused and manipulated the servers to deliver the attacks on Apple users.
Apple also alleged that NSO Group was directly involved in providing consulting services for the attacks, which is noteworthy because NSO has maintained that it sells its tools to clients.
“Defendants force Apple to engage in a continual arms race: Even as Apple develops solutions and enhances the security of its devices, defendants are constantly updating their malware and exploits to overcome Apple’s own security upgrades,” Apple said.
Apple said it has so far seen no evidence of NSO’s tools being used against Apple devices using iOS 15, the latest version of its mobile operating system.
The iPhone maker said that it will donate US$10-million, as well as any damages recovered in the lawsuit, to cybersurveillance research groups including Citizen Lab, the University of Toronto group that first discovered NSO’s attacks.
Ghana
Currently, in Ghana some former state official are in jail for squandering millions of dollars meant to acquire the Pegasus spyware from NSO some years back.
But there are suspicions that even though the deal went bad due to the corruption of those state officials, NSO may have done a test run of its spyware on some Ghanaians at the time, to convince the government of its efficacy.
It is believed that the main reason those state officials were jailed was because they may have tried the spyware on some of the then top opposition leaders and their aides, who are now government officials.
Some top journalists at the time also had cause to believe their phones were being tapped but they did not have the evidence to show. But this new revelation and lawsuit by Apple against the owners of Pegasus could be proof that indeed the spyware is indeed being used on targeted iPhone users, and Ghanaians could be at risk.