Skip to main content

Sign up for our newsletter.

Quality journalism. Progressive values. Direct to your inbox.

An Israeli woman uses her iPhone in front of the building housing the Israeli NSO group, on August 28, 2016, in Herzliya, near Tel Aviv. (Photo: Jack Guez/AFP via Getty Images)

A woman uses her iPhone in front of the building housing the Israeli NSO group, on August 28, 2016, in Herzliya, near Tel Aviv. (Photo: Jack Guez/AFP via Getty Images)

Apple Sues Israel's NSO Group in Effort to Protect iPhone Users From Pegasus Spyware

"Spyware is a critical Israeli export," said Jewish Voice for Peace. "It's about time they are forced to be held accountable."

Kenny Stancil

Apple on Tuesday sued NSO Group, accusing the Israeli company—widely criticized for selling surveillance technology to repressive governments around the globe—of infecting targeted iPhones with Pegasus spyware, which has been used to crack down on dissidents and journalists.

In its lawsuit, the U.S. tech giant accused the Israeli surveillance company of violating its terms and conditions as well as U.S. federal and state laws.

"Steps like this are useful, but incomplete. We need more action by governments."

"To prevent further abuse and harm to its users, Apple is also seeking a permanent injunction to ban NSO Group from using any Apple software, services, or devices," Apple announced in a press release. "The lawsuit also seeks redress for NSO Group's flagrant violations of U.S. federal and state law, arising out of its efforts to target and attack Apple and its users."

Craig Federighi, Apple's senior vice president of software engineering, said that "state-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change."

Jewish Voice for Peace (JVP) celebrated Apple's lawsuit, which comes just over two weeks after researchers from Amnesty International's Security Lab and the University of Toronto's Citizen Lab revealed that before the Israeli government outlawed six Palestinian human rights groups, the cellphones of activists from those organizations were infected with Pegasus spyware.

"Spyware is a critical Israeli export," JVP noted. "It's about time they are forced to be held accountable."

Apple's Federighi said that "Apple devices are the most secure consumer hardware on the market—but private companies developing state-sponsored spyware have become even more dangerous."

NSO Group used a new invasive technology "to attack a small number of Apple users worldwide with dangerous malware and spyware," according to Apple, which said that its complaint "provides new information on NSO Group's FORCEDENTRY, an exploit for a now-patched vulnerability previously used to break into a victim's Apple device and install the latest version of NSO Group's spyware product, Pegasus. The exploit was originally identified by the Citizen Lab, a research group at the University of Toronto."

Citing Apple's complaint, The Verge explained how the attack worked: "Using the Apple IDs it created, NSO would send data to a target via iMessage (after determining that they were using an iPhone), which was maliciously crafted to turn off the iPhone's logging. That would then let NSO secretly install the Pegasus spyware and control what was being collected on the phone."

In its press release, Apple commended "groups like the Citizen Lab and Amnesty Tech for their groundbreaking work to identify cyber-surveillance abuses and help protect victims," and added that "to further strengthen efforts like these, Apple will be contributing $10 million, as well as any damages from the lawsuit, to organizations pursuing cyber-surveillance research and advocacy."

"No one in their right mind will want to touch [NSO Group]. But it's not just one company, this is an industrywide problem."

Apple's lawsuit comes two years after Facebook became the first company to sue NSO Group, which it did in 2019 for targeting WhatsApp users. As The Verge noted Tuesday, "Apple and WhatsApp aren't alone in their push against NSO Group in court, as last year, tech companies including Microsoft and Google filed a brief supporting Facebook's lawsuit."

The New York Times, which first reported Apple's lawsuit, said that the new complaint "represents another consequential move by a private company to curb invasive spyware by governments and the companies that provide their spy tools."

"Apple executives described the lawsuit as a warning shot to NSO and other spyware makers," the Times noted. Ivan Krstic, head of Apple security engineering and architecture, told the newspaper that "this is Apple saying: If you do this, if you weaponize our software against innocent users, researchers, dissidents, activists or journalists, Apple will give you no quarter."

Alluding to Pegasus' zero-click infection scheme—which NSO carried out after creating over 100 fake Apple IDs—Heather Grenier, Apple's senior director of commercial litigation, told the Times that "this was in flagrant violation of our terms of service and our customers' privacy."

"This is our stake in the ground, to send a clear signal that we are not going to allow this type of abuse of our users," Grenier added.

Earlier this month, the Biden administration blacklisted NSO Group and Candiru, a similar firm, in a development the Times called "the strongest step an American president has taken to curb abuses in the global market for spyware, which has gone largely unregulated." 

The Commerce Department's ban, which prohibits U.S. organizations from working with the pair of Israeli surveillance companies, came less than four months after the Pegasus Project, a media consortium of more than 80 reporters from 17 news outlets in 10 countries, analyzed a trove of leaked data and exposed how NSO Group's hacking tool "has been used to facilitate human rights violations around the world on a massive scale."

The investigation, published in July, also identified the phone numbers of over a dozen heads of state on a leaked list of more than 50,000 potential targets of Pegasus. The findings were met with widespread condemnation from human rights experts, including Agnès Callamard, secretary general of Amnesty International, and United Nations High Commissioner for Human Rights Michelle Bachelet.

While Bachelet advocated for stricter regulation of surveillance technologies to prevent human rights abuses, whistleblower Edward Snowden—who has lived in Russia with asylum protections since leaking classified materials on U.S. government mass surveillance in 2013—called for an end to the spyware trade. Less than a month later, three U.N. special rapporteurs demanded a global moratorium on the sale and transfer of spyware.

Moody's, the ratings agency, has warned that NSO Group's "$500 million of debt and severe cash flow problems" put the company "at risk of default," according to the Times. "Digital rights experts said Apple's suit threatened NSO's survival."

"NSO is now poison," Ron Deibert, director of Citizen Lab, told the newspaper. "No one in their right mind will want to touch that company. But it's not just one company, this is an industrywide problem."

"Steps like this are useful, but incomplete," he added. "We need more action by governments."

Our work is licensed under Creative Commons (CC BY-NC-ND 3.0). Feel free to republish and share widely.

We've had enough. The 1% own and operate the corporate media. They are doing everything they can to defend the status quo, squash dissent and protect the wealthy and the powerful. The Common Dreams media model is different. We cover the news that matters to the 99%. Our mission? To inform. To inspire. To ignite change for the common good. How? Nonprofit. Independent. Reader-supported. Free to read. Free to republish. Free to share. With no advertising. No paywalls. No selling of your data. Thousands of small donations fund our newsroom and allow us to continue publishing. Can you chip in? We can't do it without you. Thank you.

Progressives Mobilize in Georgia for Dec. 6 Senate Runoff

Advocacy groups backing Sen. Raphael Warnock call the Democrat a "reproductive rights champion" who is also "fighting to stop the climate crisis and create good jobs in the process."

Jessica Corbett ·

Justice Demanded After Qatari World Cup Official Admits Hundreds of Migrant Worker Deaths

"Until all abuses suffered by migrant workers in Qatar are remedied, the legacy of this World Cup will be severely tarnished by their mistreatment," said Amnesty International's head of economic and social justice.

Brett Wilkins ·

Congressional Labor Caucus Demands More Funding for NLRB Before GOP Takes House

"Workers need the NLRB to receive funding that allows it to fully implement its mission," several Democratic lawmakers told House Speaker Pelosi and Senate Majority Leader Schumer.

Kenny Stancil ·

Progressives in Congress Begin to Push Back Against Biden Betrayal of Rail Workers

"What we're seeing is an inhumane deal being pushed onto workers even after a majority voted it down," said Rep. Jamaal Bowman.

Jake Johnson ·

Calls for SCOTUS Ethics Probe Grow as Court Lawyer Defends Alito

"Supreme Court justices have avoided accountability for too long," said one critic. "It's time for our elected officials to do their job, and serve as a true check on the judiciary."

Julia Conley ·

Common Dreams Logo