SoylentNews is people

posted by martyb on Tuesday December 07 2021, @05:47AM
from the free-for-all dept.

American diplomats' iPhones reportedly compromised by NSO Group intrusion software:

The Apple iPhones of at least nine US State Department officials were compromised by an unidentified entity using NSO Group's Pegasus spyware, according to a report published Friday by Reuters.

NSO Group in an email to The Register said it has blocked an unnamed customers' access to its system upon receiving an inquiry about the incident but has yet to confirm whether its software was involved.

"Once the inquiry was received, and before any investigation under our compliance policy, we have decided to immediately terminate relevant customers' access to the system, due to the severity of the allegations," an NSO spokesperson told The Register in an email. "To this point, we haven't received any information nor the phone numbers, nor any indication that NSO's tools were used in this case."

[...] The Israel-based company, recently sanctioned by the US for allegedly offering its intrusion software to repressive regimes and sued by both Apple and Meta's (Facebook's) WhatsApp for allegedly supporting the hacking of their customers, says that it will cooperate with any relevant government authority and pass on what it learns from its investigation of the incident.

[...] The spyware company insisted it is unaware of the targets designated by customers using its software.

"To clarify, the installation of our software by the customer occurs via phone numbers. As stated before, NSO's technologies are blocked from working on US (+1) numbers," NSO's spokesperson said. "Once the software is sold to the licensed customer, NSO has no way to know who the targets of the customers are, as such, we were not and could not have been aware of this case."

[...] On November 23rd, when Apple announced its lawsuit against the NSO Group, the iPhone maker also said that it will notify iPhone customers targeted by state-sponsored hacking. That same day, Norbert Mao, a lawyer and President of the Democratic Party in Uganda, posted on Twitter that he'd received an Apple threat notification.

[...] In June, the Washington Post reported that NSO's Pegasus software was implicated in the attempted or successful hacking of 37 phones belonging to journalists and rights advocates, including two women close to murdered Saudi journalist Jamal Khashoggi. The report said the findings undermined NSO Group's claims that its software was only licensed for fighting terrorists and for law enforcement.



Related Stories

FBI Admits it Acquired NSO's Pegasus Spyware in 2019 17 comments

Despite confirming its purchase, the bureau claims Pegasus was never used in any FBI investigation:

According to the report, the deal struck between the FBI and NSO was a one-year test project worth around $5 million. Despite "not using it at all... like, not even switching it on," according to a source, the FBI renewed the contract for another year, bringing the deal up to $9 million.

The deal was agreed upon following a "long process" of disagreements on how much control NSO Group would retain over its software, a source told The Guardian. The FBI reportedly took issue with NSO's policy of keeping sensors on its technology in order to be alerted if it was moved by a government client and to keep track of its physical location.

In addition, the bureau was reportedly wary of allowing NSO engineers to install Pegasus on FBI computers, instead agreeing to keep the spyware in a large container.

The FBI stated it bought access to NSO's spyware in order to "stay abreast of emerging technologies and tradecraft."


Politics: The Battle for the World’s Most Powerful Cyberweapon 23 comments

The Battle for the World's Most Powerful Cyberweapon [Ed's Comment: If paywalled try https://archive.fo/cbnUR]

In June 2019, three Israeli computer engineers arrived at a New Jersey building used by the F.B.I. They unpacked dozens of computer servers, arranging them on tall racks in an isolated room. As they set up the equipment, the engineers made a series of calls to their bosses in Herzliya, a Tel Aviv suburb, at the headquarters for NSO Group, the world's most notorious maker of spyware. Then, with their equipment in place, they began testing.

The F.B.I. had bought a version of Pegasus, NSO's premier spying tool. For nearly a decade, the Israeli firm had been selling its surveillance software on a subscription basis to law-enforcement and intelligence agencies around the world, promising that it could do what no one else — not a private company, not even a state intelligence service — could do: consistently and reliably crack the encrypted communications of any iPhone or Android smartphone.

  • (Score: 5, Insightful) by Mykl on Tuesday December 07 2021, @06:09AM (5 children)

    by Mykl (1112) on Tuesday December 07 2021, @06:09AM (#1202637)

    NSO is a fascinating case study of Realpolitik.

    Despite being an Israeli company (and tied pretty tightly to the Israeli Government due to the nature of their product), they have managed to forge some cosy relationships with many middle-eastern countries normally hostile to Israel. It could be argued that Israel are actually using NSO to assist in their diplomatic efforts. Pity that comes at the expense of a few journalists, political opponents etc.

    The US would shut down NSO if it were US-based, and would sanction the absolute hell out of its host country if it operated anywhere in the world other than Israel. As it is, they are likely to get a pass due to the 'special relationship' that the US has with Israel, and the cover story about not working on "+1" numbers.

    Despite the bad press, I doubt NSO's business has been hurt too much by these revelations.

    • (Score: 4, Funny) by Anonymous Coward on Tuesday December 07 2021, @07:16AM (1 child)

      by Anonymous Coward on Tuesday December 07 2021, @07:16AM (#1202641)

      due to the 'special relationship'

      You mean because the USA is Israel's bitch.

      Now shut up and violate the constitution by banning talking about BDS.

      • (Score: 0) by Anonymous Coward on Saturday December 11 2021, @08:42PM

        by Anonymous Coward on Saturday December 11 2021, @08:42PM (#1203986)

        We're currently banning Huawei, not just domestically, but in as many 'partner countries' as we can over the threat of them accessing our phone networks through backdoors, and yet somehow having the keys to 90+ percent of the world's desktop and server PCs, accessible via the network, no less, is beyond us. There is a reason the HAP bit was added to Intel hardware for the CIA/NSA, and it's one they refuse to discuss, or consider that everybody should have access to (never mind actual source code access and the ability to delete, replace, and insert their own signing key in its place). Israel is great for the status quo, but for anyone who wants to see humanity advance, its access to certain markets and its 'trusted' status need to be severely curtailed, under the same reasonings we do China. But saying that is not kosher in today's political climate. Something that has been cultured for 50+ years. Kind of like saying America is a sham Democracy. Or China is as communist as Winnie the Pooh (licensed to you by Disney.)

    • (Score: 0) by Anonymous Coward on Tuesday December 07 2021, @12:18PM (2 children)

      by Anonymous Coward on Tuesday December 07 2021, @12:18PM (#1202651)

      The NSO group has been doing quite a steady business with the US government. It was unusual to see them sanctioned--and now we have a plausible story why. They bit the hand that feeds and protects them.

      Israel is just a US state anyway. Nothing wrong with it, but we generally try to protect our own states and their companies--until they mess with the kingmakers.

      • (Score: 0) by Anonymous Coward on Tuesday December 07 2021, @01:49PM (1 child)

        by Anonymous Coward on Tuesday December 07 2021, @01:49PM (#1202657)

        The question is, given the relationship, what would be an appropriate response for a friend's transgression?

        How about a 10% rebate on last year's total grant given to the govt along with an actual plan to prevent it from happening in the future.
        No wink or nod on either. They need to actually happen without some other future deal canceling them out.
        If they can't figure out a plan, they can ask the russians. They seem to know how to make s/w that knows where not to go.

        • (Score: 3, Touché) by Anonymous Coward on Tuesday December 07 2021, @05:04PM

          by Anonymous Coward on Tuesday December 07 2021, @05:04PM (#1202691)

          If you are going to kneel down and let them kill your sailors, [wikipedia.org] there's no way you'll do anything just because they listened to your phones. Pussies.

  • (Score: 4, Insightful) by looorg on Tuesday December 07 2021, @01:35PM (2 children)

    by looorg (578) on Tuesday December 07 2021, @01:35PM (#1202656)

    NSO Group in an email to The Register said it has blocked an unnamed customers' access to its system upon receiving an inquiry about the incident but has yet to confirm whether its software was involved.

    "To clarify, the installation of our software by the customer occurs via phone numbers. ... "Once the software is sold to the licensed customer, NSO has no way to know who the targets of the customers are, as such, we were not and could not have been aware of this case."

    Waaait. So their spyware calls home too? So it's not just some "hack" but there is a whole infrastructure behind it where the devices or the monitoring software calls home to some NSO servers? There has to be if they can block customers' access to their system if they find out they are spying on the wrong people. But at the same time they have no idea what happens after the customer paid its licensing fee. Suure. Which one is it?

    • (Score: 0) by Anonymous Coward on Tuesday December 07 2021, @06:24PM (1 child)

      by Anonymous Coward on Tuesday December 07 2021, @06:24PM (#1202716)

      Possibly both? The banned customers stop getting access to the system (no updates, license keys, support, etc). But they can still install whatever they've downloaded before.

      • (Score: 3, Interesting) by looorg on Tuesday December 07 2021, @07:32PM

        by looorg (578) on Tuesday December 07 2021, @07:32PM (#1202742)

        I would assume it is the case based on what is written. But from the description it seems it doesn't only spy on phones but it's also built up like it was some kind of malware botnet with a command and control function to make sure that you paid your license to spy and I guess possibly get help/support. Then there is probably some local component where you can monitor the devices that you have under surveillance. Question is how much control do NSO have, can they "secretly" monitor all their customers to get access to all the data too?

  • (Score: 0) by Anonymous Coward on Tuesday December 07 2021, @06:26PM

    by Anonymous Coward on Tuesday December 07 2021, @06:26PM (#1202717)

    The leading theories being excess RF or audio energy.

    If you had your way with the diplomat's cell phone sw, can they emit both?
