Brother
Professional
- Messages
- 2,590
- Reaction score
- 485
- Points
- 83
Is the NSO Group to blame for developing a covert surveillance exploit?
A US court has rejected a motion by the Israeli company NSO Group, developer of the Pegasus spyware software, to dismiss a lawsuit filed by Apple. The corporation accuses NSO of violating laws on computer fraud and other offenses related to infecting Apple customers devices with its spyware.
Apple filed a lawsuit against NSO Group in November 2021 and demanded that the court permanently ban NSO from using any Apple software, services, or devices. The lawsuit alleges that the company violated the U.S. Computer Fraud and Abuse Act (CFAA), the California Unfair Competition Act, and the terms of use of the iCloud cloud service when NSO Group's spyware was installed on victims devices without their knowledge or consent. The NSO has until February 14 to respond to Apple's lawsuit.
According to Apple, Pegasus infected Apple customers devices using a Zero-Click exploit called FORCEDENTRY, which is associated with a vulnerability in processing GIF images in iMessage. The exploit allowed downloading and opening a malicious PDF file without the target's knowledge, giving the attacker access to data in other areas of the device. Once installed on a smartphone, the spyware allows the operator to eavesdrop on phone calls, view messages, and access the camera and microphone without the user's permission.
Despite NSO Group's claims that the company sells its spyware only to governments, and only to investigate terrorism or other serious crimes, Pegasus has been repeatedly used to spy on journalists, activists, political dissidents, diplomats, and politicians. This has led to US sanctions against the company and several lawsuits.
In March 2023, NSO Group asked the court to dismiss Apple's lawsuit, arguing that Apple should file the suit in Israel, NSO Group's home jurisdiction. The company also said that Apple cannot file a CFAA violation claim because Apple itself has not suffered any damage or loss.
The court rejected NSO Group's arguments, noting that "the CFAA's anti-hacking goal is consistent with Apple's charges, and NSO has not proven otherwise."
"Loss" means any reasonable cost to the victim, including the costs of responding to the offense, conducting damage assessment, and restoring data, software, system, or information to its pre-offense state, as well as any lost revenue, incurred expenses, or other consequential damages incurred due to service interruption. According to the court, this is exactly the loss that Apple claimed in its lawsuit.
When asked about the judge's decision, a representative of NSO Group said that the company will continue to fight. A company representative said that the motion to dismiss the claim is part of the legal process in this case. The technology in question is critical for law enforcement and intelligence agencies in their efforts to ensure public safety. The company is confident that after the arguments are presented, the court will rule in favor of NSO Group.
A US court has rejected a motion by the Israeli company NSO Group, developer of the Pegasus spyware software, to dismiss a lawsuit filed by Apple. The corporation accuses NSO of violating laws on computer fraud and other offenses related to infecting Apple customers devices with its spyware.
Apple filed a lawsuit against NSO Group in November 2021 and demanded that the court permanently ban NSO from using any Apple software, services, or devices. The lawsuit alleges that the company violated the U.S. Computer Fraud and Abuse Act (CFAA), the California Unfair Competition Act, and the terms of use of the iCloud cloud service when NSO Group's spyware was installed on victims devices without their knowledge or consent. The NSO has until February 14 to respond to Apple's lawsuit.
According to Apple, Pegasus infected Apple customers devices using a Zero-Click exploit called FORCEDENTRY, which is associated with a vulnerability in processing GIF images in iMessage. The exploit allowed downloading and opening a malicious PDF file without the target's knowledge, giving the attacker access to data in other areas of the device. Once installed on a smartphone, the spyware allows the operator to eavesdrop on phone calls, view messages, and access the camera and microphone without the user's permission.
Despite NSO Group's claims that the company sells its spyware only to governments, and only to investigate terrorism or other serious crimes, Pegasus has been repeatedly used to spy on journalists, activists, political dissidents, diplomats, and politicians. This has led to US sanctions against the company and several lawsuits.
In March 2023, NSO Group asked the court to dismiss Apple's lawsuit, arguing that Apple should file the suit in Israel, NSO Group's home jurisdiction. The company also said that Apple cannot file a CFAA violation claim because Apple itself has not suffered any damage or loss.
The court rejected NSO Group's arguments, noting that "the CFAA's anti-hacking goal is consistent with Apple's charges, and NSO has not proven otherwise."
"Loss" means any reasonable cost to the victim, including the costs of responding to the offense, conducting damage assessment, and restoring data, software, system, or information to its pre-offense state, as well as any lost revenue, incurred expenses, or other consequential damages incurred due to service interruption. According to the court, this is exactly the loss that Apple claimed in its lawsuit.
When asked about the judge's decision, a representative of NSO Group said that the company will continue to fight. A company representative said that the motion to dismiss the claim is part of the legal process in this case. The technology in question is critical for law enforcement and intelligence agencies in their efforts to ensure public safety. The company is confident that after the arguments are presented, the court will rule in favor of NSO Group.
