Apple sues company known for hacking iPhones on behalf of governments.
Apple has sued NSO Group, an Israeli firm that sells software to government agencies and law enforcement that allows them to hack iPhones and read the data on them, including messages and other communications.
Earlier this year, Amnesty International said it discovered recent-model iPhones belonging to journalists and human rights lawyers that had been infected with NSO Group malware.
Apple also said on Tuesday it had patched the flaws that allowed the NSO Group software to access private data on iPhones with what are “zero-click” attacks where the malware is delivered through a text message and leaves little trace of infection.
Apple said the attacks were only targeted at a small number of customers, and said on Tuesday that it would inform iPhone users that may have been targeted by the software, which it calls FORCEDENTRY.
“To deliver FORCEDENTRY to Apple devices, attackers created Apple IDs to send malicious data to a victim’s device — allowing NSO Group or its clients to deliver and install Pegasus spyware without a victim’s knowledge,” Apple said in its announcement. “Though misused to deliver FORCEDENTRY, Apple servers were not hacked or compromised in the attacks.”
NSO Group is accused of using “0day” bugs to create its spyware, or flaws that Apple has not yet been able to fix. Once Apple fixes an exploit, it’s no longer a 0day and users can protect themselves by updating their iPhone software to the latest version.
Meta and Facebook subsidiary WhatsApp is also separately suing NSO Group.
NSO Group was not immediately available for comment. Earlier this year, a spokesperson said that NSO sells its technology to law enforcement and intelligence agencies to prevent crime and terror acts, and vetted their customers.
Source: CNBC