Menu

Apple suing company behind Pegasus spyware - Affected users to be notified

nso_pegasus_thumbnail

The NSO group is an Israeli cybersecurity firm specializing at governments tools. One such example is Pegasus which allows governments to easily hack iPhones and some android phones. The tool became infamous after it started being used by countless governments around the worlds. The tool came under fire after many civil-rights groups started revealing the dangers of such technology.

About Pegasus

Pegasus is a tool that exploits zero-day vulnerabilities to gain access to users phones. A zero-day exploit is when a hackers finds a vulnerabilities that the developer of the exploit does not know exists. Pegasus is a zero-click exploit meaning that no interaction from the target is needed. NSO has been selling the tool to governments all around the world, this includes many countries with poor human-rights.

The abuse of this tool is nothing new. As it turns out, this tool was used by authoritarian governments to track 'national threats'. Those so called threats include activists, journalists and even lawyers. This came to spotlight after a leak revealed the information of over 50,000 people targeted using the tool. This breach raised even more concerns about pegasus. The leaked information mainly consisted of phone numbers. After forensic analysis on many of the phones of users believed to be targeted, traces of the tool tool were found. It was also revealed that the tool was used to target 2 women really close to Jamal Khashoggi. Khashoggi was a journalist that was brutally murdered in the Saudi consulate in Turkey back in 2018.

A month before the allegations came to light, NSO released a report on their transparency. The report claimed that they have a leading approach to human-rights. Surprisingly this report was not retracted after the breach.

NSOs response

After reports on the data breach went live, NSO responded to all the claims. They denied any human-rights abuses by their tool and claimed that this was just speculation. NSO also claimed that no phone numbers were leaked and that the 50,000 numbers reportedly revealed are fake. They went on to add that their tool was not used to target as many individuals. The company also noted that their tool is not sold to governments with human-right violations. According to their CEO, all customers have to be first approved by Israels national security service.

Americas Response

As soon as the reports came out the US government made a statement. It called the NSO and Pegasus a national security risk. Subsequently all tools, software and equipment made by the company was banned from being sold or operated in the US. Additionally the US State Department and Treasury could be planning more sanctions on the company.

Apple also had a strong response since their phones were also targeted by the tool. The company was quick to file a lawsuit against NSO and its parent company. They are perusing charges for the 'surveillance of apple users'. The company also went on to donate 10 million US dollars to to support cyber-surveillance researchers and advocates. Apple released a long statement on the lawsuit.

Apple also announced that all users affected by the tool will be notified. This is not a difficult task as the tool leaves an easily identifiable trace in the system logs. According to apple a threat notification will pop up when a users signs into his Apple ID.

apple id threat notification

The future of Pegasus

After the whole scandal became public, NSO started feeling the affect. With apple filing a lawsuit, the companies money started to run out fairly quickly. The company started defaulting on many of its loans, and talk on deprecating the tool are being brought up. Once Pegasus is defused the company will be sold. Two American funds are considering buying the company, and investing 200 millions US dollars into it. In such scenario, the company will be developing purely defensive cyber-security tools.

Conclusion

Pegasus is a really dangerous tools that should have never existed in the first place. As soon as the exploits where discovered, they should have been submitted to the developers to be patched. In our opinion NSO should be held accountable for using the exploits to develop a tool and later selling it to many clients around the world. Just like any other cyber-criminal would have, NSO should pay the full price for using such exploits in order to profit. It is still not clear to what extent the tool has been used to violate human-rights.

Comment

Captcha