Apple Suddenly Drops NSO Group Spyware Lawsuit

![iPhone security](https://www.securityweek.com/wp-content/uploads/2023/11/iOS-security-vulnerabilities.jpg) **Apple has abruptly withdrawn its lawsuit against NSO Group, citing increased risk that the legal battle might unintentionally reveal sensitive vulnerability data and difficulties in acquiring essential information from the spyware vendor.**In a court filing Friday, Apple said continuing the lawsuit now poses ‘too significant a risk’ of exposing the anti-exploitation and threat intelligence efforts needed to fend off the very adversaries involved in the legal dispute.’When it filed this lawsuit nearly three years ago, Apple recognized that it would involve sharing information with third parties. However, developments since then have reshaped the risk landscape associated with sharing such information,’ the Cupertino device maker said.’Apple knows and appreciates that this Court would take the utmost care with the sensitive information relevant to this case. But it is also aware that — now more than ever — predatory spyware companies, including those not before this Court, will use any means to obtain this information,’ the company added.’Any disclosure, even under the most stringent controls, puts this information at risk. Due to the developments since this suit was filed, proceeding forward at this time would now present too significant a risk to Apple’s threat-intelligence program.’The case, originally filed in 2021 in the U.S. District Court for the Northern District of California, [sought to to hold NSO Group accountable](https://www.securityweek.com/apple-slaps-lawsuit-nso-group-over-pegasus-ios-exploitation/) for hacking into Apple’s iOS platforms with so-called zero-click exploits to spy on researchers, journalists, activists, dissidents, academics, and government officials.Apple and WhatApp maker Meta have [accused NSO Group](https://www.securityweek.com/tech-giants-show-support-whatsapp-lawsuit-against-spyware-firm/) of creating ‘sophisticated, state-sponsored surveillance technology that allows its highly targeted spyware to surveil its victims’ and moved to the US courts to ban the company from using its software, services or devices.On Friday, Apple also cited concerns that NSO Group and unidentified officials in Israel may have taken actions to avoid producing information during discovery. ‘This means that going forward with this case will potentially involve disclosure to third parties of the information Apple uses to defeat spyware while Defendants and others create significant obstacles to obtaining an effective remedy,’ the company said. Advertisement. Scroll to continue reading. Apple also pointed to shifting dynamics in the commercial spyware industry and cautioned that even a legal victory might have limited impact on the broader surveillance software landscape.’Defendants have been partly supplanted by numerous other spyware companies, dispersing threats that were once concentrated in a single powerful actor; consequently, even a complete victory in this suit would not have the same impact as in 2021, as other unaffiliated spyware companies would remain unaffected and could continue their destructive tactics,’ the company added.Meta-owned [WhatsApp has also sued](https://www.securityweek.com/whatsapp-sues-israeli-firm-nso-over-cyberespionage/) NSO Group, accusing the controversial company of using its messaging service to conduct cyberespionage on journalists, human rights activists and others.**Related:** [Apple Ships Urgent Patch for FORCEDENTRY Zero-Days](https://www.securityweek.com/apple-ships-urgent-patch-forcedentry-zero-days/)**Related:** [New iOS Zero-Click Exploit Defeats Apple ‘BlastDoor’ Sandbox](https://www.securityweek.com/new-ios-zero-click-exploit-defeats-apple-blastdoor-sandbox/)**Related:** [Apple Adds ‘BlastDoor’ to Secure iPhones From Zero-Click Attacks](https://www.securityweek.com/apple-adds-blastdoor-secure-iphones-zero-click-attacks/)**Related:** [Secretive Israeli Exploit Company Behind Wave of Zero-Day Exploits](https://www.securityweek.com/secretive-israeli-exploit-company-behind-wave-zero-day-exploits/) ![](https://www.securityweek.com/wp-content/uploads/2023/11/Ryan-Naraine.jpg) Written By [Ryan Naraine](https://www.securityweek.com/contributors/ryan-naraine/ ‘Posts by Ryan Naraine’) Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world. [](https://www.twitter.com/ryanaraine/)[](https://www.linkedin.com/in/ryanaraine/) More from [Ryan Naraine](https://www.securityweek.com/contributors/ryan-naraine/ ‘Posts by Ryan Naraine’)———————————————————————————————————* [Operant AI Lands $10M Investment to Boost Runtime Protection for Cloud and AI](https://www.securityweek.com/operant-ai-lands-10m-investment-to-boost-runtime-protection-for-cloud-and-ai/)* [Google Introduces ‘Air-Gapped’ Backup Vault to Thwart Ransomware](https://www.securityweek.com/google-introduces-air-gapped-backup-vault-to-thwart-ransomware/)* [Microsoft Says Windows Update Zero-Day Being Exploited to Undo Security Fixes](https://www.securityweek.com/microsoft-says-windows-update-zero-day-being-exploited-to-undo-security-fixes/)* [Adobe Patches Critical, Code Execution Flaws in Multiple Products](https://www.securityweek.com/adobe-patches-critical-code-execution-flaws-in-multiple-products/)* [Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws](https://www.securityweek.com/google-pushes-rust-in-legacy-firmware-to-tackle-memory-safety-flaws/)* [Russian GRU Unit Tied to Assassinations Linked to Global Cyber Sabotage and Espionage](https://www.securityweek.com/russian-gru-unit-tied-to-assassinations-linked-to-global-cyber-sabotage-and-espionage/)* [Microsoft Tackling Windows Logfile Flaws With New HMAC-Based Security Mitigation](https://www.securityweek.com/microsoft-tackling-windows-logfile-flaws-with-new-hmac-based-security-mitigation/)* [Halliburton Confirms Data Stolen in Cyberattack](https://www.securityweek.com/halliburton-data-theft/)Latest News———–* [Post-CrowdStrike Fallout: Microsoft Redesigning EDR Vendor Access to Windows Kernel](https://www.securityweek.com/post-crowdstrike-fallout-microsoft-redesigning-edr-vendor-access-to-windows-kernel/)* [In Other News: Possible Adobe Reader Zero-Day, Hijacking Mobi TLD, WhatsApp View Once Exploit](https://www.securityweek.com/in-other-news-possible-adobe-reader-zero-day-hijacking-mobi-tld-whatsapp-view-once-exploit/)* [Apple Patches Vision Pro Vulnerability to Prevent GAZEploit Attacks](https://www.securityweek.com/apple-patches-vision-pro-vulnerability-to-prevent-gazeploit-attacks/)* [New ‘Hadooken’ Linux Malware Targets WebLogic Servers](https://www.securityweek.com/new-hadooken-linux-malware-targets-weblogic-servers/)* [House Report Shows Chinese Cranes a Security Risk to US Ports](https://www.securityweek.com/house-report-shows-chinese-cranes-a-security-risk-to-us-ports/)* [UK Data Centers Gain Critical Infrastructure Status, Raising Green Belt Controversy](https://www.securityweek.com/uk-data-centers-gain-critical-infrastructure-status-raising-green-belt-controversy/)* [UK Teen Arrested Over Transport for London Hack](https://www.securityweek.com/uk-teen-arrested-over-transport-for-london-hack/)* [1.3 Million Android TV Boxes Infected by Vo1d Malware](https://www.securityweek.com/1-3-million-android-tv-boxes-infected-by-vo1d-malware/) ![](https://www.securityweek.com/wp-content/uploads/2022/04/SecurityWeek-Small-Dark.png) #### TrendingDaily Briefing Newsletter————————-Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. [Virtual Event Attack Surface Management Summit———————————————-](https://www.securitysummits.com/event/attack-surface-management-summit/) September 18, 2024Hear from experts as they explore the latest trends, challenges and innovations in Attack Surface Management.[Register](https://www.securitysummits.com/event/attack-surface-management-summit/) [Event: ICS Cybersecurity Conference———————————–](https://www.icscybersecurityconference.com) Oct. 21-24, 2024 -| AtlantaThe leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.[Register](https://www.icscybersecurityconference.com) #### People on the MoveJanet Rathod has been named VP and CISO at Johns Hopkins University. Barbara Larson has joined SentinelOne as Chief Financial Officer. Amy Howland has been named Partner and CISO at Guidehouse.[More People On The Move](/industry-moves) #### Expert Insights[Evasion Tactics Used By Cybercriminals To Fly Under The Radar————————————————————-](https://www.securityweek.com/evasion-tactics-used-by-cybercriminals-to-fly-under-the-radar/) ![](https://www.securityweek.com/wp-content/uploads/2024/07/Etay_Maor-Cado-Networks.jpg) Relentless in their methods, attackers will continue employing evasion tactics to circumvent traditional security measures. [(Etay Maor)](https://www.securityweek.com/contributors/etay-maor/)[Beyond Immature Rhetoric: The Case Against Mockery and Ambulance Chasing in the Security Industry————————————————————————————————-](https://www.securityweek.com/beyond-immature-rhetoric-the-case-against-mockery-and-ambulance-chasing-in-the-security-industry/) ![](https://www.securityweek.com/wp-content/uploads/2022/04/Josh-Goldfarb-F5.jpeg) Five reasons why ‘Ambulance Chasing’ and mocking harm the security profession and are never a good idea. [(Joshua Goldfarb)](https://www.securityweek.com/contributors/joshua-goldfarb/)[Epic AI Fails And What We Can Learn From Them———————————————](https://www.securityweek.com/epic-ai-fails-and-what-we-can-learn-from-them/) ![](https://www.securityweek.com/wp-content/uploads/2024/07/Stu-Sjouwerman-KnowBe4.jpg) Large language models (LLMs) are trained on vast amounts of data to learn patterns and recognize relationships in language usage. But they can’t discern fact from fiction. [(Stu Sjouwerman)](https://www.securityweek.com/contributors/stu-sjouwerman/)[The AI Wild West: Unraveling the Security and Privacy Risks of GenAI Apps————————————————————————-](https://www.securityweek.com/the-ai-wild-west-unraveling-the-security-and-privacy-risks-of-genai-apps/) ![](https://www.securityweek.com/wp-content/uploads/2024/03/Alastair-Paterson.jpg) GenAI users are uploading data to over eight apps every month — what are the security and privacy concerns? [(Alastair Paterson)](https://www.securityweek.com/contributors/alastair-paterson/)[Cybersecurity Maturity: A Must-Have on the CISO’s Agenda——————————————————–](https://www.securityweek.com/cybersecurity-maturity-a-must-have-on-the-cisos-agenda/) ![](https://www.securityweek.com/wp-content/uploads/2022/04/Marc-Solomon_Bio.jpeg) Undertaking a cybersecurity maturity review helps leaders establish a benchmark from which to build a proactive improvement strategy. [(Marc Solomon)](https://www.securityweek.com/contributors/marc-solomon/)

Related Tags:
NAICS: 54 – Professional

Scientific

Technical Services

NAICS: 334 – Computer And Electronic Product Manufacturing

NAICS: 541 – Professional

Scientific

Technical Services

NAICS: 92 – Public Administration

NAICS: 33 – Manufacturing – Metal

Electronics And Other

NAICS: 516 – Broadcasting And Content Providers

NAICS: 51 – Information

Blog: Security Week

Associated Indicators: