Apple sues NSO Group for surveillance and targeting of Apple users

Apple has filed a major lawsuit against the NSO Group and its parent company, Q Cyber Technologies in the US District Court for the Northern District of California to ‘hold it accountable for the surveillance and targeting of Apple users’. 

Apple claims that NSO Group’s FORCEDENTRY, an exploit for a now-patched vulnerability, was used in 2021 to target and attack Apple customers and to install Pegasus spyware. According to Reuters, Apple also claims that ‘US citizens have been surveilled by NSO’s spyware on mobile devices that can and do cross international borders’ and that NSO Group ‘created more than 100 fake Apple ID user credentials to carry out its attacks.’

Apple alleges among others, that the NSO Group has violated the Computer Fraud and Abuse Act, and seeks a permanent injunction to ban NSO Group from using any Apple software, services, or devices. 

At the same time, Apple announced that it will contribute US$10 million, as well as any damages from the lawsuit, to organizations pursuing cyber surveillance research and advocacy.