Apple suing ‘hacker-for-hire’ firm NSO that Canadian cyber watchdog Citizen Lab warned them about

November 23, 2021
Apple suing 'hacker-for-hire' firm NSO that Canadian cyber watchdog Citizen Lab warned them about
11
Views

[
]

Tech giant Apple announced Tuesday it is suing Israel’s NSO Group, seeking to block the world’s most infamous hacker-for-hire company from breaking into Apple’s products, such as the iPhone.

Apple said in a complaint filed in federal court in California that NSO Group employees are “amoral 21st century mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and flagrant abuse.”

Apple said NSO Group’s spyware, called Pegasus, had been used to attack a small number of Apple customers worldwide.

“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change,” said Craig Federighi, Apple’s senior vice-president of software engineering.

NSO Group has broadly denied wrongdoing and said its products have been used by governments to prevent terrorism and crime. The company did not immediately return a request for comment on Tuesday.

The move by Apple comes after cybersecurity watchdog group Citizen Lab, at the University of Toronto, warned Apple of a vulnerability in its software that could allow a certain type of spyware to infect Apple devices without the user doing anything or knowing about it.

Exiled contractor Edward Snowden credited Citizen Lab with the discovery.

NSO claims it created the spyware for law enforcement purposes.

“Mercenary spyware firms like NSO Group have facilitated some of the world’s worst human rights abuses and acts of transnational repression while enriching themselves and their investors,” Citizen Lab’s director Ron Diebert said in a statement. “They claim they are selling a carefully controlled “lawful interception” tool, but in reality what they are providing is despotism-as-a-service.”

It’s the latest blow to the hacking firm, which was recently blacklisted by the U.S. Commerce Department and is currently being sued by social media giant Facebook.

How Pegasus works

Security researchers have found Pegasus being used around the world to break into the phones of human rights activists, journalists and even members of the Catholic clergy.

Pegasus infiltrates phones to vacuum up personal and location data and surreptitiously controls the smartphone’s microphones and cameras. Researchers have found several examples of NSO Group tools using so-called “zero click” exploits that infect targeted mobile phones without any user interaction.

The Biden administration announced this month that NSO Group and another Israeli cybersecurity firm called Candiru were being added to the “entity list,” which limits their access to U.S. components and technology by requiring government permission for exports.

Also this month, security researchers disclosed that Pegasus spyware was detected on the cellphones of six Palestinian human rights activists. Mexican prosecutors also recently announced they have arrested a businessman on charges he used the Pegasus spyware to spy on a journalist.

Facebook has sued NSO Group over the use of a somewhat similar exploit that allegedly intruded via its globally popular encrypted WhatsApp messaging app. A U.S. federal appeals court issued a ruling this month rejecting an effort by NSO Group to have the lawsuit thrown out.

Apple also announced Tuesday that it was donating $10 million US, as well as any damages won in the NSO Group lawsuit, to cybersurveillance researchers and advocates.






Source link

Article Categories:
Business

Life is like a running cycle right! I am a news editor at TIMES. Collecting News is my passion. Because my visitors have the right to know the truth and perfectly.

Leave a Reply

Your email address will not be published. Required fields are marked *

The maximum upload file size: 8 MB. You can upload: image, audio, video, document, spreadsheet, interactive, text, archive, code, other. Links to YouTube, Facebook, Twitter and other services inserted in the comment text will be automatically embedded. Drop file here