“To prevent further abuse and harm to its users, Apple is also seeking a permanent injunction to ban NSO Group from using any Apple software, services, or devices,” Apple said in a statement announcing the lawsuit filed in US federal court in California.
The company also admitted that a small number of iPhone users may have been targeted by the Pegasus spyware. “The spyware was used to attack a small number of Apple users worldwide with dangerous malware and spyware,” the company informed.
“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change,” said Craig Federighi, Apple’s senior vice president of Software Engineering.
NSO has consistently denied any wrongdoing and insisted its software is intended for use by authorities only in fighting terrorism and other crimes.
Apple is not the first tech giant to take legal action against spyware developer. Facebook sued NSO Group in 2019, accusing it of using the WhatsApp messenger to conduct cyberespionage on journalists, human rights activists and others.
Ransomware attacks targeting crypto investors via fake apps: Report
Pegasus spyware used a novel method to invisibly infect Apple devices without victims’ knowledge. Using the zero-click infection method, Pegasus can turn on a user’s camera and microphone, record messages, texts, emails, calls- even those sent via encrypted messaging and phone apps like Signal- and send them back to NSO’s clients at governments around the world.
NSO’s zero-click capability means victims receive no prompt, or have no idea about the attack. This flaw enables full access to a victim’s digital life.
Experts explain zero-click infection saying “This spyware can do everything an iPhone user can do on their device and more.”