Apple is suing a company that makes iPhone-hacking software and notifying a 'small number of users that it discovered may have been targeted'

Apple is suing a company that makes iPhone-hacking software and notifying a 'small number of users that it discovered may have been targeted'
An Israeli woman uses her iPhone in front of the building housing the Israeli NSO group, on August 28, 2016, in Herzliya, near Tel Aviv.JACK GUEZ/AFP via Getty Images
  • Apple filed a lawsuit against NSO and its parent company Q Cyber Technologies.
  • The iPhone maker says that the software company's Pegasus tool was used against Apple customers.

Apple filed a lawsuit Tuesday against the spyware firm NSO Group and its parent company Q Cyber Technologies, saying that the Israeli companies market products that have been used to target and harm Apple customers.

In the complaint filed with the US District Court of Northern California, the iPhone maker said the spyware group are "amoral 21st century mercenaries" whose tools have been used against politicians, journalists, activists, and academics.

"State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change," Apple's senior vice president of software engineering, Craig Federighi, said in a statement.

Complimentary Tech Event
Transform talent with learning that works
Capability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More

"While these cybersecurity threats only impact a very small number of our customers, we take any attack on our users very seriously," he added.

NSO Group did not immediately respond to Insider's request for comment on the suit.


The lawsuit cites findings from Citizen Lab, a research group at the University of Toronto, which has been documenting nefarious uses of NSO's Pegasus software for several years.

When Citizen Lab reported in September that iPhones were vulnerable to so-called "zero-click" attacks, Apple issued an emergency update of its operating system to block the Pegasus software from gaining entry.

Earlier this month, the US Commerce Department blacklisted the NSO Group for "malicious cyber activities," based on evidence that foreign governments used the company's software to spy on targets both within and outside their sovereign borders.

"NSO's malicious activities have exploited Apple's products, injured Apple's users, and damaged Apple's business and goodwill," lawyers for Apple said in the complaint.

"NSO's malicious products and services have also required Apple to devote thousands of hours to investigate the attacks, identify the harm, diagnose the extent of the impact and exploitation, and develop and deploy the necessary repairs and patches," the complaint said.


Apple is seeking relief for damages, alleging that NSO violated the Computer Fraud and Abuse Act, the California Business and Professions Code, as well as Breach Of Contract for iCloud's Terms of Service and Unjust Enrichment for improper use of Apple's computer servers.

Apple also requested a permanent injunction barring NSO and Q from using any Apple services in the future.

Apple said it plans to contribute $10 million and any damages from the lawsuit to "organizations pursuing cybersurveillance research and advocacy."