Apple, Google, Facebook, and Amazon are vulnerable to malware from an Israeli firm
Israel-based cybersecurity company, NSO Group has developed a surveillance tool that can obtain user data from Apple, Google, Facebook, Amazon and Microsoft servers, according to The Financial Times.
NSO Group, whose software product was used to hack Facebook-owned WhatsApp Messenger in May, denied the allegations.
“The Financial Times got it wrong. NSO’s products do not provide the type of collection capabilities and access to cloud applications, services, or infrastructure suggested in this article,” the company told CNBC in a statement.
“Increasingly sophisticated terrorists and criminals are taking advantage of encrypted technologies to plan and conceal their crimes, leaving intelligence and law enforcement agencies in the dark and putting public safety and national security at risk. NSO’s lawful interception products are designed to confront this challenge.”
Apparently, the hack appears related to the NSO’s exclusive smartphone malware, Pegasus, which is normally sold to law enforcement and intelligence services.
After the malware is installed on a device, it copies the authentication keys for cloud services—including Google Drive, Facebook Messenger and iCloud—accessed by that device. This malware harvests both information on users’ devices as well as data stored in popular cloud services, including a user’s location data, archived messages, and photos.
Citing an NSO sales document seen by FT, it reported that the malware allows for open-ended access to the cloud data of those apps without “prompting 2-step verification or warning email on a target device.”
The NSO spokesperson said that “increasingly sophisticated terrorists and criminals are taking advantage of encrypted technologies to plan and conceal their crimes, leaving intelligence and law enforcement agencies in the dark and putting public safety and national security at risk. NSO’s lawful interception products are designed to confront this challenge.
“Our products are licensed in small scale to legitimate government intelligence and law enforcement agencies for the sole purpose of preventing or investigating serious crime including terrorism.”
According to the FT, Amazon has until now found no evidence that their systems or customer accounts were accessed by the software. However, the company will continue to investigate the report.
“We have no evidence that Amazon corporate systems, including customer accounts, have been accessed by the software product in question,” a spokesman for the company said.
“We take customer privacy and security extremely seriously, and will continue to investigate and monitor the issue.”
Similarly, Google too did not find any evidence of their accounts being accessed by the software.
“We’ve found no evidence of access to Google accounts or systems, and we’re continuing our investigation. We automatically protect users from security threats and we encourage them to use tools like our Security Checkup, 2-step verification, and our Advanced Protection Program, if they believe they may be at especially high risk of attack,” a Google spokesperson commenting on the FT report said.
Apple responded to reporters from the FT, saying that its iOS is “the safest and most secure computing platform in the world.”
“While some expensive tools may exist to perform targeted attacks on a very small number of devices,” continued Apple, “we do not believe these are useful for widespread attacks against consumers.”
While Microsoft refused to comment on the FT report, it said it is “continually evolving” its protections. Further, a Facebook spokesperson said the company is reviewing the claims in the report.