The Elusive NSO Group Who Hacked iPhones With A Single Text
Did you even know about NSO Group before today? This elusive Israeli cyber security company is in fact so secretive that it repeatedly changes its name to avoid the glare of media and activists. The Israeli company, which according to a report by Lookout and Citizen Lab sold iPhone zero-days to government authorities around the world to enable them to spy on activists, journalists, and dissidents, has managed to remain low-key because it wants to.
However, NSO Group is a big name in the top-secret cyber surveillance community, which includes many government agencies like the NSA. It has made a name for itself by creating some of the top malware that allows governments to spy on their citizens. The iPhone hack with a text message is just a small example of the expertise NSO Group has in cyber security matters.
“NSO Group are a highly valued surveillance company purporting to sell some of the most advanced spyware on the market,” Edin Omanovic, a research officer at Privacy International, told Motherboard in an email. “Given the secretive nature of the company however, as with everything in the surveillance industry, it is very difficult to separate fact from marketing.”
Immediately after the story about the iPhone zero-days broke, NSO Group came out with a prepared, stereotypical statement, saying the company’s “mission is to help make the world a safer place” and that it only sells to “authorized” governments. The company also denied having any knowledge of the attack caught by Citizen Lab, and said that it “does NOT operate any of its systems.”
So what exactly is NSO Group?
According to Thomas Fox-Brewster of Forbes, NSO Group employees are no different from other tech employees at Google or Facebook. They attend their offices in Herzelia, in Tel Aviv’s northern district, and settle down to code, take the lift in the plain-looking complex – all
However, it is the work they do that sets them apart. Their job, it seems, is to make malware that can break into otherwise impregnable systems, as in the iPhone hack reported today. According to analyses from Citizen Lab and Lookout Mobile Security, three previously unknown and unpatched iOS vulnerabilities (known as zero-days) were exploited by the firm, with just one click on a link in a text message required to silently jailbreak the phone. This allowed its malware, codenamed Pegasus, to install on the phone, hoovering up all communications and locations of the targeted iPhones. That includes iMessage, Gmail, Viber, Facebook, WhatsApp, Telegram and Skype communications, amongst other data. It can collect Wi-Fi passwords too.
The NSO Group employees have created malware, codenamed Pegasus, that can do what no other malware discovered up to now could. It can spy on all communications and locations of the targeted iPhones.
NSO Group was founded in Israel in 2010 with funding from veterans of the country’s elite 8200 intelligence unit. NSO Group’s founders are Niv Carmi, Omri Lavie, and Shalev Hulio.
Lavie and his partners have developed NSO into one of the most secretive outfits in the spying business. According to Reuters, the company, which specializes in the exploitation of mobile phones, has changed its name several times, much like the private military contractor Blackwater (now Academi).
Brewster from Forbes says that NSO Group’s existence became known only after its move into America and through limited information on contracts: one allegedly for the former Panama president Ricardo Martinelli and another for Mexico.
“If you want to work successfully in the cloak and dagger battlefield of cyber, you don’t want just anyone Googling your information,” Lavie told Defense News in 2013 in a rare interview. Although the company does not have a website, on his LinkedIn profile, Lavie describes himself as “a serial entrepreneur, angel investor, early adopter of technologies.”
Money is no issue to NSO Group because it has ample funding. In 2014, US private equity fund Francisco Partners acquired a majority stake in NSO for around $120 million. Just over a year later, Francisco valued the NSO Group at around $1 billion. At the end of 2015, it had an annual revenue of approximately $75 million, according to Reuters.
NSO Group has also been known to poach talent from big tech companies. The company’s current director of product management used to work at NICE Systems, which also sells surveillance technology, and its director of business development until recently worked at the defense contractor Elbit Systems. In all, NSO employs at least 200 people, according to its LinkedIn page.
It reportedly has several pieces of malware and zero-days under its belt, but the star performer remains Pegasus. You can gauge the power of Pegasus from the fact that it can remotely hijack an iPhone just by sending an ordinary text containing a phishing link.
Whereas the Italian vendor Hacking Team, a well-known competitor of NSO, relied mostly on malicious apps, or even physical access to a device, to attack targets, the Israeli company is able to remotely compromise the iPhone—and presumably Android and Blackberry phones—with a string of exploits triggered by a successful phishing message.
NSO Group has reportedly sold Pegasus to many governments of countries such as Turkey, Israel, Thailand, Qatar, Kenya, Uzbekistan, Mozambique, Morocco, Yemen, Hungary, Saudi Arabia, Nigeria, and Bahrain, though there was no clear evidence.