NSO Group’s spyware was used in targeted campaigns around the world on a massive scale, according to a major investigation into the leak of 50,000 phone numbers of potential surveillance targets.
An investigation into the data leak connected to the Israeli spyware vendor implies that “authoritarian” governments are using NSO Group’s Pegasus software to compromise mobile devices belonging to human rights activists, political dissidents, lawyers, journalists, and politicians.
Pegasus is a spyware tool with remote access capabilities which can extract handset information, collect conversations taking place over apps including WhatsApp and Facebook, monitor email clients and browser activity, record calls, and spy on victims through their microphone and camera.
NSO Group which is based in Israel, markets its products as intended for governments to detect and prevent local and global threats and also as a method to tackle criminal and terrorist activity.
However, a probe launched by non-profit Forbidden Stories, Amnesty International, and a number of media outlets alleges that the software is being abused to monitor innocents.
As reported by The Guardian, a leaked list of phone numbers accessed by Forbidden Stories and Amnesty International revealed over 50 000 numbers believed to have been “of interest” to NSO Group clients and “selected for targeting” since 2016.
Even though the existence of a phone number does not mean that a handset has been compromised, the consortium’s investigation — dubbed the Pegasus project — says that infection was confirmed in dozens of cases.
The project states that NSO Group contends that its Pegasus software is meant only to help legitimate law enforcement bodies go after criminals and terrorists, and that any other use would violate its policies and user agreements.
The Pegasus Project did find numbers belonging to suspected criminal figures on the leaked list. However, of over 1,000 numbers whose owners were identified, at least 188 were journalists. Many others were human rights activists, diplomats, politicians, and government officials. At least 10 heads of state were on the list.
In response, the Israeli firm slammed the project’s claims to be wrong assumptions and unconfirmed theories. The NSO Group also said that these allegations are so outrageous and far from reality and that they would consider a defamation lawsuit.
According to the company, the data used to back up the Pegasus project’s claims is based on accessible and overt basic information obtained from services such as HLR Lookups and are not related to the customers’ targets of Pegasus or any other NSO products.
These kinds of services are openly available to anyone, anywhere, and anytime, and are commonly used by governmental agencies and private companies worldwide.
The company repeated that its technologies are only sold to vetted governments, law enforcement, and intelligence agencies.
Credit : The Guardian