Home Technology NSO Group: Israeli firm 'impersonated Facebook to spread spyware'

NSO Group: Israeli firm ‘impersonated Facebook to spread spyware’

Image copyright
Getty Images

Israeli security company NSO Group impersonated Facebook as part of a ploy to get users to install its phone-hacking software, a new report alleges.

An investigation from news site Motherboard claims a Facebook security lookalike domain was set up to spread NSO’s Pegasus hacking tool.

It also claimed to have found evidence that servers inside the United States were used to spread the spying tool.

NSO denies the allegations, labelling them “recycled conjecture”.

The Pegasus spyware, once installed, can read text messages and other data on the phone, track its location with GPS, and access the microphone and camera.

The Israeli firm is already locked in a legal battle with Facebook, which alleges it deliberately spread its software over WhatsApp, compromising hundreds of phones – including those of journalists and human rights activists. It is also, separately, accused of supplying software to the Saudi government which was allegedly used to spy on journalist Jamal Khashoggi before he was killed.

Facebook’s complaint alleged NSO operated the spyware itself. But NSO has asked the court in California to dismiss the case, in part because it says it never uses its spyware – only sovereign governments do.

  • WhatsApp sues Israeli firm over hacking claims
  • Israeli spyware firm pitches to be Covid-19 saviour

Motherboard’s latest investigation revolves around a former NSO employee who, it is claimed, provided it with details of a server allegedly designed to distribute the spyware by tricking people into clicking links.

The server investigated was connected to several different web addresses over a number of years – including one that impersonated Facebook’s security team, the Motherboard report claims.

Facebook told the BBC it had gained ownership of the domain in question four years ago, to stop it being misused.

Other domains used over time included “a link a person could click on to unsubscribe themselves from emails or text messages… and package tracking links from FedEx,” Motherboard reports.

‘Tackling terrorism’

But NSO fiercely denies that it has ever used its products itself.

“We are incredibly proud of our technology’s role in tackling crime and terrorism, but NSO does not operate any of its products,” a spokesman said in a statement. “As we have repeatedly made clear, NSO products are offered to and operated solely by verified and authorised government agencies.”

Motherboard also alleged that one of the servers used to launch the malware was located within the United States – something that NSO says is not possible. Facebook has previously made similar allegations in the WhatsApp legal case.

“We stand by our previous statements that NSO Group products cannot be used to conduct cyber-surveillance within the United States, and no customer has ever been granted technology that enables targeting phones with US numbers,” a spokesman said.

Prof Alan Woodward from the University of Surrey said the possibility of US-based servers being used to deploy the spyware raised “more questions than answers”.

“They appear to have some sort of infrastructure in the US,” Prof Woodward said. “The question is whether the US government is aware of it.”

A Facebook spokesperson said: “NSO Group is responsible for cyber-attacks against human rights activists, journalists, and diplomats, in violation of US law.

“We are committed to protecting the security of our community and are seeking to hold them accountable in court.”

NSO said its official stance remained that which it had put forward in the legal case with Facebook.

“Revisiting and recycling the conjecture of NSO’s detractors… doesn’t change the overall truth of our position, which we have stated to the US Federal Court in California,” it said.

“Factual assertions on all the above have been provided as part of the official court record, and we do not have anything else to add at this time.”

Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Forget FAANG. Value stocks may finally be ready to lead

The S&P 500 Value index (SPYV) gained nearly 5% in the past week, while the S&P 500 Growth Index (SPYG) is up about 2.5%....

Colin Kaepernick compatriot Brandon Marshall — 2016 action ringing true

ENGLEWOOD, Colo. -- Former Denver Broncos linebacker Brandon Marshall, a college teammate and longtime friend of Colin Kaepernick's who kneeled for "The Star-Spangled Banner''...

Air travel is bouncing back … sort of

The number of people passing through airport security checkpoints nearly doubled over the course of the month. The Transportation Security Administration says it screened...

Recent Comments