Security News

The Apple iPhones of at least nine US State Department officials were compromised by an unidentified entity using NSO Group's Pegasus spyware, according to a report published Friday by Reuters. NSO Group in an email to The Register said it has blocked an unnamed customers' access to its system upon receiving an inquiry about the incident but has yet to confirm whether its software was involved.

Apple has warned at least nine US Department of State employees that their iPhones have been hacked by unknown attackers using an iOS exploit dubbed ForcedEntry to deploy Pegasus spyware developed by Israeli surveillance firm NSO Group. "On top of the independent investigation, NSO will cooperate with any relevant government authority and present the full information we will have," an NSO spokesperson separately told Motherboard.

The complaint alleges that the maker of the infamous Pegasus mobile spyware is responsible for the illegal surveillance of Apple users. "In a free society, it is unacceptable to weaponize powerful state-sponsored spyware against those who seek to make the world a better place," said Ivan Krstić, head of apple security engineering and architecture, in an Apple statement, issued Monday.

To prevent further abuse and harm to its users, Apple is also seeking a permanent injunction to ban NSO Group from using any Apple software, services, or devices. NSO Group's Pegasus spyware is favored by totalitarian governments around the world, who use it to hack Apple phones and computers.

Apple has sued NSO Group and its parent company Q Cyber Technologies in a U.S. federal court holding it accountable for illegally targeting users with its Pegasus surveillance tool, marking yet another setback for the Israeli spyware vendor. "State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change," said Craig Federighi, Apple's senior vice president of Software Engineering in a statement.

Apple today sued NSO Group, which sells spyware to governments and other organizations, for infecting and snooping on people's iPhones. In a strongly worded filing [PDF] Apple described NSO as "Amoral 21st century mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and flagrant abuse." Cupertino wants damages and a ban on NSO interacting or interfering any further with Apple services and products.

Apple has filed a lawsuit against Pegasus spyware-maker NSO Group and its parent company for the targeting and spying of Apple users with surveillance tech. NSO's FORCEDENTRY exploit was used by state-backed attackers to break into Apple devices to install the latest version of Pegasus spyware, as revealed by the Citizen Lab in August.

Spyware maker NSO Group cannot use its government clients to shield itself from litigation, a US appeals court ruled on Monday, a decision that allows WhatsApp's lawsuit against the Israel-based firm to resume. In 2019, Facebook and its WhatsApp subsidiary sued NSO claiming the firm's intrusion software, known as Pegasus, was used to unlawfully compromise the accounts of WhatsApp customers.

The Israeli cyberweapons arms manufacturer - and human rights violator, and probably war criminal - NSO Group has been added to the US Department of Commerce's trade blacklist. Aside from the obvious difficulties this causes, it'll make it harder for them to buy zero-day vulnerabilities on the open market.

The U.S. Commerce Department on Wednesday added four companies, including Israel-based spyware companies NSO Group and Candiru, to a list of entities engaging in "Malicious cyber activities." The agency said the two companies were added to the list based on evidence that "These entities developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers."