Apple details ‘threat notifications’ for customers potentially under surveillance, files lawsuit vs. NSO Group over Pegasus spyware

Apple filed a legal complaint against the Israel-based tech group over the widely reported Pegasus spyware allegedly used in state-sponsored cyber-surveillance against its customers. The iPhone maker has also detailed how it deploys “threat notifications” to customers that may be subjected to a similar kind of attack.

Several reports revealed that vulnerabilities in previous versions of the iOS and other third-party apps may have been exploited to inject spyware tools to a small number of Apple customers. Now, the company announced it would notify customers if they were potentially under surveillance. In a new support page published earlier this week, Apple said there are currently two ways its customers will receive threat notifications if their system detects activities “consistent with a state-sponsored attack.”

First, the potential target will find a “Threat Notification” banner when they open their Apple ID through appleid.apple.com on a browser. The banner will not include all the details of why a customer is being alerted, but it will notify them to further check the warning sent through email and iMessage. The full message of Apple’s threat notifications will be sent to email addresses and phone numbers linked to Apple IDs of the customers that could be under surveillance.

On the same page, Apple notes that the “vast majority” are unlikely to be targeted with surveillance of this magnitude. But the company still encourages all its customers to update their devices to the latest software, which includes the latest security updates. Apple also advises all users to only download apps through the App Store, strengthen their login credentials and passwords, and use two-factor authentication whenever available.

Apple also announced this week that it had filed a lawsuit against the NSO Group due to the reported use of its Pegasus spyware against Apple customers. “Apple’s legal complaint provides new information on NSO Group’s FORCEDENTRY, an exploit for a now-patched vulnerability previously used to break into a victim’s Apple device and install the latest version of NSO Group’s spyware product, Pegasus,” Apple said. The company’s 22-page complaint can be viewed here.

NSO Group’s website maintains it “creates technology that helps government agencies prevent and investigate terrorism and crime.” However, reports from Forbidden Stories’ “The Pegasus Project” and Amnesty International alleged that Pegasus helped governments to spy on “at least 180 journalists” worldwide. Forbidden Stories also reported that the spyware tool was used against human rights defenders, lawyers, heads of state, union leaders, lawyers, and doctors, among others.

Meta, formerly Facebook, had previously filed a lawsuit against NSO Group. But the defendant sought its dismissal by invoking the Foreign Sovereign Immunity Act. Earlier this month, however, the U.S. Court of Appeals ruled against the cyber-surveillance company, allowing Meta to pursue its complaint. The court’s decision came just a few days after the U.S. government issued a trade ban on the Israeli tech firm.

Photo by Chris Hardy on Unsplash