On Tuesday, Apple filed a lawsuit against Israeli spyware company NSO Group and its parent company. Apple is seeking a permanent injunction that bans NSO Group from using all Apple software, services, and devices. The complaint also offers new information regarding how the NSO Group was able to use its Pegasus spyware to infect Apple devices. Apple stated that NSO Group and similar companies have no effective accountability. The tech giant also asserts that NSO Group delivered its FORCEDENTRY exploit to Apple devices through creating Apple IDs that sent malicious data to a victim’s device. Therefore, the Pegasus spyware could be installed without a victim’s knowledge.
Citizen Lab discovered the zero-day in September. The vulnerability does not require a target to click on any malicious links to work. Following the discovery, Apple released an urgent security update that patched the vulnerability for multiple devices, including Mac, iPhone, iPad, and Apple Watch. Apple stated that its servers were misused to deliver the FORCEDENTRY exploit but were not hacked or compromised in the attacks. Apple is contributing $10 million, as well as damages resulting from the lawsuit, to organizations such as Citizen Lab and Amnesty Tech to advance cybersecurity research and advocacy.
Read More: Apple sues NSO Group over Pegasus spyware
