NSO, an Israeli spyware company, one of Israel’s biggest cybersecurity companies, with a staff of 600, has been ensnared in controversy after allegations that its Pegasus smartphone-snooping technology had allegedly been used by some governments to spy on dissidents and journalists including Omar Abudulaziz a Saudi dissident and a friend of the murdered Washington Post Journalist Jamal Khashoggi.
Unlike companies whose technology protects customers against cyber attack, NSO is a weapons firm that doesn’t deal with data security. It sells offensive software and spyware to governments and law enforcement and espionage agencies.
The Canadian human rights organization Citizens Lab says NSO has sold its platform to 45 countries, including Saudi Arabia.
Founded in 2009 by Niv Carmi, Shalev Hulio and Omri Lavie, NSO is notorious for its involvement in the use of Pegasus to track and hack companies, nations, activists, and journalists with the latest being the phone hacking of Omar Abudulaziz.
Over 400 Whatsaap messages exchanged between the late journalist and Omar was read by the Saudi government, including their plan to start an online youth revolution against the oppressive government ran by the kingdom Crown Prince Mohammad Bin Salam (MBS)
Edward Snowden, former U.S. intelligence worker said that NSO technology was used to help track dissident Saudi journalist Jamal Khashoggi who was killed at the Saudi consulate in Istanbul in October.
Citizen Lab reported hat NSO’s Pegasus spyware had been installed on the phone of Abdulaziz, just as the latter claimed that his phone was being monitored at the time.
However, the firm said that the spyware is a lifeline rather than an invader of privacy. “On a daily basis, NSO assists in saving the lives of thousands of people from the hands of terrorists, drug barons, child-abductors, paedophiles and others,” it said.
Research has shown that Pegasus makes it possible to carry out nearly limitless surveillance of individuals, including taking control of cell phones. Its capabilities include collecting information about a phone’s location, wiretapping into it, recording conversations taking place near a phone and photographing those in the vicinity of the phone.
Other instances NSO Spyware Pegasus was used for illegal spy activities.
Ahmed Mansoor Targeted With iPhone Zero-Day
Ahmed Mansoor is an internationally recognized human rights defender, blogger, and member of Human Rights Watch’s advisory committee. Mansoor, who is based in the UAE, was jailed for eight months in 2011 along with four other activists for supporting a pro-democracy petition.
On the morning of August 10, 2016, Mansoor received an SMS text message that appeared suspicious. The next day he received a second, similar text. The messages promised “new secrets” about detainees tortured in UAE prisons, and contained a hyperlink to an unfamiliar website.
Mansoor quickly forwarded the messages to Citizen Lab researchers for investigation.
Every year since 2011, Mansoor has been targeted with spyware attacks, including with FinFisher spyware in 2011 and Hacking Team spyware in 2012.
Mexican Soda Tax Supporters Targeted with NSO Exploit Links
In response to the political pressure against the soda tax, in mid-2016 public health groups and food scientists prepared a mass media campaign to build support for the tax, increase the tax rate, and call for accountability in how the tax revenue was being spent.
Campaigners held a press conference on June 29, 2016, highlighting misleading and confusing product labelling standards promoted by the food and beverage industry and planned a full launch of their campaign in August 2016.
Campaigners began receiving the spyware links one week after the press conference, and throughout the period that the campaign was being prepared
The same infrastructure used for the Bitter Sweet operation was also used to target a Mexican journalist who wrote a story about government corruption involving the Mexican President’s wife and a high-speed rail contractor, among other domestic targeting.
Senior Mexican Legislators and Politicians Targeted with NSO Spyware
On Monday, June 19, 2017, Citizen Lab published results of an investigation that revealed that 12 individuals in Mexico and the United States were sent at least 76 text messages in an attempt to infect them with government-exclusive spyware called Pegasus. The targets included prominent journalists, lawyers, and a minor child.
Investigation Into Mexican Mass Disappearance Targeted with NSO Spyware
This research note reveals that an international group of experts investigating the 2014 Iguala Mass Disappearance of 43 Mexican students were targeted with Pegasus, the government-exclusive commercial spyware made by NSO Group.
Lawyers for Murdered Mexican Women’s Families Targeted with NSO Spyware
Karla Micheel Salas and David Peña are Mexican lawyers and human rights defenders who have worked on a series of high profile cases. Notably, they represent the families of Nadia Vera, Yesenia Quiroz Alfaro, and Mile Virginia Martin who were slain alongside journalist Rubén Espinosa and Alejandra Negrete in the so-called Narvarte killings. In addition to this case, Salas and Peña are well known for their work on women’s rights.
On September 25 and October 15, 2015, Peña received text messages containing infection attempts with NSO’s Pegasus spyware. The messages were designed to trick him into clicking on the links. Once clicked, the links would infect Peña’s phone. The first message referenced an organization Peña belongs to, the second masqueraded as a “service message”
On October 1, 2015, Salas received a message purporting to inform her of a death and inviting her to awake.
The message contained a link to (smsmensaje[.]mx,) the same domain used to target Peña
NSO Group Infrastructure Linked to Targeting of Amnesty International and Saudi Dissident
Amnesty International reports that one of their researchers, as well as a Saudi activist based abroad, received suspicious SMS and WhatsApp messages in June 2018. Amnesty International researchers have concluded that the messages appeared to attempt to infect these phones with NSO Group’s Pegasus spyware.