Apple Files Lawsuit Against NSO Group for its Pegasus Spyware Attacks

Apple Files Lawsuit Against NSO Group for its Pegasus Spyware Attacks

For a brief primer, Pegasus is essentially spyware that can be silently deployed against a target and used to monitor everything on a person’s mobile device. According to the filing, the Pegasus software was first identified by researches at Citizen Lab at the University of Toronto, where it was discovered Pegasus could initiate what is known as a “zero-click exploit,” meaning it could deploy without any input from the user. The attack, which Citizen Lab named FORCEDENTRY, worked in several stages. First, the company allegedly contacted Apple’s servers in the US to identify other Apple users, then worked to confirm the target was using an iPhone. Next it sent “abusive data” to the target via iMessage, which disabled logging and allowed it to upload a bigger file, which was the payload. That bigger file was stored on iCloud servers, then delivered to the targets’ phones. One the Pegasus payload was in-place, it began communicating to a command-and-control server, whereby a person could send commands to the phones. This allowed 3rd parties to control the phones remotely, vacuuming up call logs, web browser history, contacts, and even let them turn the phone’s microphone and camera on, and send what it captured back to the nefarious server. A consortium of global journalists launched an investigation in July into this situation, dubbed the Pegasus Project, and found, “Military-grade spyware licensed by an Israeli firm to governments for tracking terrorists and criminals was used in attempted and successful hacks of 37 smartphones belonging to journalists, human rights activists, business executives and two women close to murdered Saudi journalist Jamal Khashoggi.”

Apple Files Lawsuit Against NSO Group for its Pegasus Spyware Attacks

This seems like pretty standard spyware stuff, but what’s so remarkable about it is the zero-click aspect, as typically a user has to initiate the deployment of malware/spyware by clicking on a link sent to them, or take some kind of action. Not this time. This type of activity is only possible because NSO Group and other companies like it employ researchers who work to discover unknown vulnerabilities in popular software such as iOS, Microsoft Windows, and others, and use these gaps in security to develop software that can penetrate target devices before the developer catches on that there’s a flaw. The security holes are typically known as Zero Days, because the developer has had zero days to fix the security flaw. Companies like Apple, Microsoft, Google and others have massive cyber security teams of their own who work to find these security flaws before rogue actors do, but given the complexity of the software involved, it’s a never-ending battle against companies like NSO Group. Also, in September Apple patched the vulnerabilities that allowed Pegasus to run with its iOS 14.8 update, and in its press release the company notes, “Apple has not observed any evidence of successful remote attacks against devices running iOS 15 and later versions.”

This is not the first time NSO Group has been in the headlines. The US government blacklisted the company earlier this month, “after determining that its phone-hacking tools had been used by foreign governments to ‘maliciously target’ government officials, activists, journalists, academics and embassy workers around the world,” according to The Post. The company is also embroiled in a lawsuit with WhatsApp over claims its spyware was used to hack 1,400 users of its app. Earlier this month, the Ninth Circuit Court of Appeals rejected NSO Group’s claim that it should have “sovereign immunity” in the case.

If you’re interested in a deep-dive on the NSO Group, the podcast Darknet Diaries recently posted an episode about it, including an interview with the Citizen Lab researchers that discovered Pegasus. You can also read Apple’s full complaint right here.

Continue reading

The Xbox Series S Is Handicapped by Its Storage Capacity
The Xbox Series S Is Handicapped by Its Storage Capacity

The Xbox Series S has been favorably received, for the most part, but the console's low base storage makes the Xbox Series X a better value for a lot of people.

In Massive Shift, Apple Announces New Macs With ARM-Based M1 Chip
In Massive Shift, Apple Announces New Macs With ARM-Based M1 Chip

Apple saw huge success the last time it switched architectures to Intel, but this time? The jury's still out, but one thing is certain: Apple is about to make a lot more money.

Apple’s New M1 SoC Looks Great, Is Not Faster Than 98 Percent of PC Laptops
Apple’s New M1 SoC Looks Great, Is Not Faster Than 98 Percent of PC Laptops

Apple's new M1 silicon really looks amazing, but it isn't faster than 98 percent of the PCs sold last year, despite what the company claims.

What Does It Mean for the PC Market If Apple Makes the Fastest CPU?
What Does It Mean for the PC Market If Apple Makes the Fastest CPU?

Apple's M1 SoC could have a profound impact on the PC market. After 25 years, x86 may no longer be the highest-performing CPU architecture you can practically buy.