Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Tracking & Law Enforcement

Israel Spyware Firm Can Mine Data From Social Media: FT

An Israeli spyware firm thought to have hacked WhatsApp in the past denied a report Friday that it had boasted to clients that it can scoop user data from servers run by technology titans.

An Israeli spyware firm thought to have hacked WhatsApp in the past denied a report Friday that it had boasted to clients that it can scoop user data from servers run by technology titans.

The Financial Times wrote that NSO Group had “told buyers its technology can surreptitiously scrape all of an individual’s data from the servers of Apple, Google, Facebook, Amazon and Microsoft, according to people familiar with its sales pitch”.

An NSO spokesperson, responding in a written statement to AFP’s request for comment, denied the allegation.

“There is a fundamental misunderstanding of NSO, its services and technology,” it said. 

“NSO’s products do not provide the type of collection capabilities and access to cloud applications, services, or infrastructure as listed and suggested in today’s FT article.”

Amazon and Google told AFP that they were investigating the report, but had so far found no evidence that the software had breached their systems or customer accounts.

“We’ve found no evidence of access to Google accounts or systems, and we’re continuing our investigation,” a spokesman for the California-based internet giant said.

“We automatically protect users from security threats and we encourage them to use tools like our Security Checkup, 2-step verification, and our Advanced Protection Program, if they believe they may be at especially high risk of attack.”

Amazon and Facebook stressed that customer security is a priority and that they were continuing to look into the claims.

“The best defence against this specific type of targeted attack is to maintain a healthy device,” Microsoft senior director Jeff Jones said in response to an AFP inquiry, saying the firm’s systems “are continually evolving to provide the best protections to our customers.”

Cloud service users who suspect their smartphones or other devices have been compromised can reduce their risk with steps such as using account access “tokens” that expire after a short time, Jones said.

Apple did not immediately respond to a request for comment.

– Tapping into smartphones –

In May, Facebook-owned messaging app WhatsApp said it had released an update to plug a security hole that had allowed the insertion of sophisticated spyware that could be used to spy on journalists, activists and others.

It said the attack bore “all the hallmarks of a private company that works with a number of governments around the world”.

It did not name a suspect but Washington-based analyst Joseph Hall, chief technologist at the Center for Democracy and Technology, said at the time that the hack appeared related to the NSO’s Pegasus software.

The tool is normally sold to law enforcement and intelligence services.

The FT, citing documents it said it had viewed and descriptions of a product demonstration, said the programme had “evolved to capture the much greater trove of information stored beyond the phone in the cloud, such as a full history of a target’s location data, archived messages or photos”.

If malware slipped onto a smartphone was capable of obtaining credentials people use to access cloud services, a hacker could conceivably access them too.

NSO says it does not operate the Pegasus system, only licensing it to closely vetted government users “for the sole purpose of preventing or investigating serious crime including terrorism”.

The group came under the spotlight in 2016 when researchers accused it of helping authorities spy on an activist in the United Arab Emirates. 

NSO, based in the Israeli seaside hi-tech hub of Herzliya, near Tel Aviv, says it employs 600 people in Israel and around the world.

Pegasus is a highly invasive tool that can reportedly switch on a target’s cell phone camera and microphone as well as accessing data on the device, effectively turning the phone into a pocket spy.

“Increasingly sophisticated terrorists and criminals are taking advantage of encrypted technologies to plan and conceal their crimes, leaving intelligence and law enforcement agencies in the dark and putting public safety and national security at risk,” the company statement said.

“NSO’s lawful interception products are designed to confront this challenge.” 

*Updated with additional commentary and responses

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Ransomware

US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Cybercrime

The owner of China-based cryptocurrency exchange Bitzlato was arrested in Miami along with five associates in Europe

Cybercrime

Russian Vladislav Klyushin made tens of millions of dollars by hacking into U.S. computer networks to steal insider information.

Cybercrime

A hacker who reportedly posed as the CEO of a financial institution claims to have obtained access to the more than 80,000-member database of...

Application Security

Virtualization technology giant Citrix on Tuesday scrambled out an emergency patch to cover a zero-day flaw in its networking product line and warned that...