Submitted via IRC for BoyceMagooglyMonkey
A former employee of NSO Group, a company that sells zero-days and powerful spyware products to governments around the world, has been arrested and charged in Israel for stealing some of the company's products and attempting to sell it on the Dark Web for $50 million.
Israeli officials did not release the man's name, but the arrest took place last month, on June 5, according to local news outlets who broke the story.
[...] The NSO Group is a controversial company because besides selling its zero-days and spyware to government agencies in democratic states, they've also sold it to abusive regimes. The Citizen Lab team at the Munk School of Global Affairs at the University of Toronto have been tracking many of the cases where NSO's spyware —mainly Pegasus— was abused by governments in recent years.
Source: Former NSO Employee Arrested After Attempting to Sell Spyware for $50 Million
Related Stories
Israeli firm linked to WhatsApp spyware attack faces lawsuit
The Israeli firm linked to this week's WhatsApp hack is facing a lawsuit backed by Amnesty International, which says it fears its staff may be under surveillance from spyware installed via the messaging service.
The human rights group's concerns are detailed in a lawsuit filed in Israel by about 50 members and supporters of Amnesty International Israel and others from the human rights community. It has called on the country's ministry of defence to ban the export of NSO's Pegasus software, which can covertly take control of a mobile phone, copy its data and turn on the microphone for surveillance.
An affidavit from Amnesty is at the heart of the case, and concludes that "staff of Amnesty International have an ongoing and well-founded fear they may continue to be targeted and ultimately surveilled" after a hacking attempt last year.
NSO Group, founded in 2010, supplies industry-leading surveillance software to governments that it says is for tackling terrorism and serious crime, and has been licensed to dozens of countries including Saudi Arabia, Mexico, Bahrain and the UAE.
But there have been a string of complaints in the past few months, documented largely by the Toronto-based Citizen Lab, that the technology has been used to target human rights groups, activists and journalists by several countries – and that there has been no attempt to rein it in.
See also: After WhatsApp hack, NSO faces scrutiny from Facebook and UK public pension fund
WhatsApp's security breach: Made in Israel, implemented worldwide
WhatsApp Rushes to Fix Security Flaw Exposed in Hacking of Lawyer's Phone
Previously: A WhatsApp Call Can Hack a Phone: Zero-Day Exploit Infects Mobiles with Spyware
Related: Israeli Spy Tech Company Allegedly Cracks WhatsApp Encryption (2016)
Former NSO Employee Arrested After Attempting to Sell Spyware for $50 Million
Agents Target Researchers who Reported Software that Spied on Jamal Khashoggi before his Death
(Score: 3, Insightful) by Snotnose on Saturday July 07 2018, @01:35AM (1 child)
He should have posted the code to Wikileaks so the vendors could close their holes. As it is he's in prison and we're all as vulnerable as we were a month ago.
sad
When the dust settled America realized it was saved by a porn star.
(Score: 2) by takyon on Saturday July 07 2018, @01:43AM
Came to say the same thing. It would have been OK if the employee had sold the code to unsavory characters and then the exploits were promptly fixed or the code spread. But the NSA gets to keep the vulns in their tool chest a little longer.
Oh, and fuck that one anon who says he works for this type of company/agency.
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 1, Insightful) by Anonymous Coward on Saturday July 07 2018, @02:21AM
Governments abused the spyware...
... can the spyware point in the function flow chart where it was touched?
... is NSO going to sue govs for unlawful modification?
... can anyone think of chil^W the final targets*?
*: specially those whose "crime" was disagreeing with the gov.
(Score: 2, Insightful) by Anonymous Coward on Saturday July 07 2018, @02:25AM (3 children)
Translation: governments that refuse to submit to the USA's imperialism and overreach.
Why should a democratic government have these things anyway? A so-called "abuse regime," being a scary thing, would make sense as customers, given that they're scary and abusive. Why does a democratic government need these things?
Is there some effort I'm completely unaware of in my government that is working to patch these zero-days?
If not, then what does my government need them for?
When will we take control of our government and make it work in our interests instead of working against our interests for the capitalist elite?
(Score: 1, Informative) by Anonymous Coward on Saturday July 07 2018, @02:51AM (2 children)
A three man team walks into a cyber-arms dealer's HQ. They are dressed like they are supposed to be there, but the two in front immediately gun down all of the security guards at the entrance. One in the back carries extra weapons and equipment. The attackers corral a group of employees together and take them as hostages, torturing or killing them until they agree to give access to the zero-days. The third man starts transferring code, emails, and the rest of the data to predetermined upload sites. If the police or anyone else cuts off internet access, kill a hostage immediately and threaten to kill the rest. Spread word on social media of an interesting leak so that people begin downloading the files. With your remaining time, play games with the hostages' lives, surrender to police, kill yourself, or blow up the whole building.
(Score: 1, Touché) by Anonymous Coward on Saturday July 07 2018, @08:09AM
This was an episode of CSI: Miami?
(Score: 2, Offtopic) by realDonaldTrump on Saturday July 07 2018, @06:10PM
Believe me, those leaks absolutely no effect on the outcome of the election. Intelligence stated very strongly there was absolutely no evidence that hacking affected the election results. Voting machines not touched!