Apple Sues Israeli Hacker Firm Over Its Use of Spyware for 'Routine and Flagrant Abuse'

Apple filed a lawsuit Tuesday against NSO Group alleging that the Israeli technology firm's cyber-surveillance software commits "routine and flagrant abuse," the Associated Press reported. Apple said that the company's spyware, referred to as Pegasus, has been leveraged to target a small but widespread number of Apple customers across the world by hacking into their products.

In a complaint filed in a California federal court, Apple described NSO Group workers as "amoral 21st century mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and flagrant abuse."

"State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change," said Craig Federighi, the senior vice president of software engineering for Apple.

NSO Group has vehemently denied all accusations of wrongdoing, saying that governments use its products to save lives, the AP reported.

"Pedophiles and terrorists can freely operate in technological safe-havens, and we provide governments the lawful tools to fight it. NSO group will continue to advocate for the truth," the company said in a statement.

Scrutiny surrounding the Israeli company has increased greatly in recent months, while some major departments and companies have taken action to curb its power. The U.S. Commerce Department blacklisted NSO Group earlier this month, and Facebook is carrying out its own lawsuit.

Apple said in an announcement Tuesday that the lawsuit aims to ban NSO Group from "further harming individuals by using Apple's products and services" and "seeks redress for NSO Group's flagrant violations of US federal and state law."

The company added that all of the users who may have been targeted by NSO Group spyware would be notified.

"Apple believes privacy is a fundamental human right, and security is a constant focus for teams across the company," the announcement said.

For more reporting from the Associated Press, see below.

Security researchers have found Pegasus being used around the world to break into the phones of human rights activists, journalists and even members of the Catholic clergy.

Pegasus infiltrates phones to vacuum up personal and location data and surreptitiously controls the smartphone's microphones and cameras. Researchers have found several examples of NSO Group tools using so-called "zero click" exploits that infect targeted mobile phones without any user interaction.

The Biden administration announced this month that NSO Group and another Israeli cybersecurity firm called Candiru were being added to the "entity list," which limits their access to U.S. components and technology by requiring government permission for exports.

Also this month, security researchers disclosed that Pegasus spyware was detected on the cellphones of six Palestinian human rights activists. And Mexican prosecutors recently announced they have arrested a businessman on charges he used the Pegasus spyware to spy on a journalist.

Facebook has sued NSO Group over the use of a somewhat similar exploit that allegedly intruded via its globally popular encrypted WhatsApp messaging app. A U.S. federal appeals court issued a ruling this month rejecting an effort by NSO Group to have the lawsuit thrown out.

Apple also announced Tuesday that it was donating $10 million, as well as any damages won in the NSO Group lawsuit, to cybersurveillance researchers and advocates.