Apple is suing NSO Group, the Israeli military-grade spyware manufacturer that created surveillance software used to target the phones of journalists, political dissidents and human rights activists, to block it from using its products.
The iPhone maker’s lawsuit, filed on Tuesday in federal court in California, alleged that NSO, the largest known Israeli cyber warfare company, had spied on and targeted Apple users. It is seeking damages as well as an order stopping NSO from using any Apple software, device or services.
NSO develops and sells its spyware, known as Pegasus, which exploits vulnerabilities in iPhones and Android smartphones, and allows those who deploy it to infiltrate a target’s device unnoticed.
Clients include government agencies, who buy the spyware as off-the-shelf software. NSO has said that it sells its weapon only to nations in order to fight terrorism and serious crime, and with the approval of the Israeli government.
Pegasus was revealed in July to have been used to target smartphones belonging to dozens of journalists, human rights activists and politicians, according to an investigation by a consortium of newspapers.
“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change,” Craig Federighi, Apple’s senior vice-president of software engineering, said in a statement. “Apple devices are the most secure consumer hardware on the market — but private companies developing state-sponsored spyware have become even more dangerous.”
NSO Group could not immediately be reached for comment.
Apple’s complaint comes just weeks after the US Court of Appeals for the Ninth Circuit held that NSO and its parent company Q Cyber were not sovereign entities and therefore were not shielded from an earlier lawsuit brought by Facebook accusing NSO of targeting users of its WhatsApp messaging service.
The US government also announced this month that it had added NSO Group and rival Tel Aviv-based Candiru to a trade blacklist, which would restrict exports of US hardware and software to the companies, as it cracks down on the global hacking-for-hire industry.
In the complaint, Apple called NSO a group of “notorious” and “amoral” hackers that act as “mercenaries” creating cyber-surveillance machinery “that invites routine and flagrant abuse” for commercial gain.
Apple accused NSO of violating multiple federal and state laws “arising out of their egregious, deliberate, and concerted efforts in 2021 to target and attack Apple customers”.
Apple issued an emergency software update in September after a vulnerability from Pegasus was exposed by researchers at the University of Toronto’s Citizen Lab.