Apple sues NSO Group over Pegasus spyware

The iPhone maker says it wants to hold the Israel-based company accountable for targeting Apple users.

Carrie Mihalcik Managing Editor / News
Bree Fowler Senior Writer
Nelson Aguilar

Calling the company "notorious hackers" and "amoral 21st Century mercenaries," Apple on Tuesday filed a lawsuit against NSO Group, the Israel-based firm behind the Pegasus spyware that was uncovered on the phones of activists, journalists and executives earlier this year. 

Apple is seeking a permanent injunction to stop NSO from developing, distributing, using, or allowing others to use malware or spyware for any of the iPhone maker's hardware, software or devices. The lawsuit, filed in US District Court for the Northern District of California, also asks the court to require NSO Group to locate and delete any and all data collected without consent from the devices and software of Apple users. 

In addition, Apple wants NSO Group to disclose any entities with which it shared that information and to make a full accounting of the profits it reaped from those operations so that they can be handed over to the court. Apple seeks damages in excess of $75,000.

"Private companies developing state-sponsored spyware have become even more dangerous," Apple's senior vice president of software engineering, Craig Federighi, said in a release. "While these cybersecurity threats only impact a very small number of our customers, we take any attack on our users very seriously."

In the lawsuit, Apple says the actions of NSO Group violated the Computer Fraud and Abuse Act and Apple's iCloud terms of service, which among other things forbids the use of Apple products for illegal activity.

NSO Group, which licenses surveillance software to government agencies, maintains that its Pegasus software helps authorities combat criminals and terrorists who take advantage of encryption technology to avoid detection. It didn't immediately respond to a request for comment on Apple's lawsuit.

Also on Tuesday, Apple said it would donate $10 million, as well as any damages from the lawsuit, to organizations pursuing cybersurveillance research and advocacy.

In September, Apple released security updates for its iPhones, iPads, Apple Watches and Mac computers to close a vulnerability reportedly exploited by NSO's invasive Pegasus spyware. The security fix stemmed from research done by a public interest cybersecurity group called Citizen Lab, which found that a Saudi activist's phone had been infected with Pegasus.

On Tuesday, Apple said the so-called ForcedEntry exploit, which used a now-patched vulnerability, allowed NSO Group or its clients to break into a small number of Apple devices and install Pegasus spyware without the victims' knowledge. Apple said it would notify people whom it discovered may've been targeted by the exploit.

Apple reportedly began sending security alerts to Apple users who may be remotely targeted by NSO Group's Pegasus spyware, according to Reuters on Wednesday. At least six Thai activists and researchers -- who have been critical of their government -- have reportedly already received such alerts from Apple.

Earlier this month, the US Commerce Department took action against NSO Group, blocking the sale of US technology to the company by putting NSO on the government's Entity List.