NSO’s Pegasus software can infect both iPhones and Android devices, allowing operators to extract messages, photos and emails, record calls and secretly activate microphones and cameras.
NSO Group said its tools were made to target terrorists and criminals.
But it has allegedly also been used on activists, politicians and journalists.
NSO Group says it only supplies Pegasus to military, law enforcement and intelligence agencies from countries with good human-rights records.
However earlier this month, US officials placed the company on a trade blacklist, saying the software had “enabled foreign governments to conduct transnational repression, which is the practice of authoritarian governments targeting dissidents, journalists and activists”.
In a blog post announcing the California lawsuit, Apple said it wanted to hold NSO Group and its parent company OSY Technologies “accountable for the surveillance and targeting of Apple users”.
“To prevent further abuse and harm to its users, Apple is also seeking a permanent injunction to ban NSO Group from using any Apple software, services, or devices,” it said.
Apple prides itself on its privacy. It’s a major selling point for its devices.
So it’s not totally surprising that a company that has allegedly sought to bypass Apple security features might antagonise the giant.
That’s not the only reason Apple is making a stand though.
NSO claims it only works with agencies with good human rights records.
In that way the company has tried to distinguish itself from underground hackers doing nefarious activities.
By suing NSO Group Apple is rejecting that distinction.
Apple is making the point that it doesn’t matter who you are, if you’re a group trying to hack into an Apple product they’ll take action – whatever the motives.
But there’s a bit more depth to it than that.
In its complaint, filed in the US District Court for the Northern District of California, Apple said NSO’s tools were used in “concerted efforts in 2021 to target and attack Apple customers” and that “US citizens have been surveilled by NSO’s spyware on mobile devices that can and do cross international borders.”
Apple alleged that NSO group created more than 100 fake Apple ID user credentials to carry out its attacks.
The tech giant said that its servers were not hacked, but that NSO misused and manipulated the servers to deliver the attacks on Apple users.
Apple also alleged that NSO Group was directly involved in providing consulting services for the spyware, but NSO maintains that it only sells its tools to clients.
Apple said it was forced to engage in a continual arms race with NSO, saying the Israeli firm was “constantly updating their malware and exploits to overcome Apple’s own security upgrades”.
The iPhone maker said that it will donate $10m, as well as any damages recovered in the lawsuit, to cybersurveillance research groups including Citizen Lab, the University of Toronto group that first discovered NSO’s attacks.
NSO Group said in response: “Thousands of lives were saved around the world thanks to NSO Group’s technologies used by its customers”.
“Paedophiles and terrorists can freely operate in technological safe-havens, and we provide governments with the lawful tools to fight [them].
“NSO group will continue to advocate for the truth.”