NSO Cyber Surveillance Spyware Found Selling on the Darknet

NSO Group Offices
Your Rating

A former employee to the Israeli cyber surveillance technology company, NSO, was nabbed trying to sell a classified spyware on the dark web.  The 38-year-old, who had been fired from the job for dissatisfactory work, decided to sell the company’s multi-million spyware.

The spyware he meant to sell is a ‘hacker’s tool’ developed by NSO and sold to governments and law enforcement agencies for surveillance. He targeted a specific buyer on a darknet marketplace with the intention of selling the high valued code for $50 million in cryptocurrency. Police reports indicate that he chose Monero and Zcash for payment. Monero has been pitched as the cryptocurrency of choice by criminals over bitcoin. Monero has been a concern to authorities including FBI. His mission, however, did not materialize as the entity he intended to sell to, alerted NSO on the sale leading up to his arrest.

Further revelations indicate that the 38-year-old, prior to his dismissal, downloaded the code to the hard drive on his computer and subsequently hid it under his bed for the purpose of trade.  The arrest is said to have ‘almost collapsed NSO’.  NSO is the most formidable cyber security company in Israel and has been known to sell spyware to global governments. They strictly sell under the direction of the department of defense and specifically to governments to be used by law enforcement agencies such as the military and several other intelligence apparatuses. It is reported that NSO’s super spyware, Pegasus, is capable of gaining unlimited access to one’s phone. The ease to infect a phone with code can remotely access the camera, read texts, obtain GPS coordinates as well as record call logs. All this can be done remotely and undetected.

Spyware subject to misuse

Although it should strictly be used to monitor criminal activities, it has been used by several governments in a scheme that has cast doubts on the morality of the software.  While NSO insists on selling it to governments to avoid misuses, where departments of defense have to make approvals to ensure it cannot be used for illegal purposes, governments including Mexico and Russia have been reported to use such software illegally.

The Mexican government reportedly tried to use it to monitor journalists and human right activists. In what caused uproars and condemnation in 2017, it was reported that the Mexican government used the spyware to spy on an organization tasked with the investigating on the disappearance of 43 students in Iguala, Guerrero in 2014. One activist is said to have received a bait SMS on the phone reading ‘My father died at dawn today, we are devastated. I am sending you the dates of the wake, hope you can attend.’

Anonymity is key for any type of cyber attack. Thus, when the anonymous text sent a link that would have the details of the wake, no one suspected foul play. However, there was nothing on the link. At that moment of clicking it is suspected this is how NSO’s spyware installed on the phone and put a watch on the activist for two years. In another discovery, it was reported that the spyware was also used to spy on an iPhone belonging to a ‘dissident in UAE’.

Mexican government authorities allegedly spent $80 million on the services by NSO. The Francisco Partners owned a Surveillance Company founded in 2010 said to be worth $1 billion. Industry giants, Blackstone and ClearSky, were reported to be interested in buying the firm but allegedly stopped due to the widespread protests in Mexico.

NSO, in response to the allegations of misuse, insists that the intention of the software is to help governments counter-terrorism and carry out criminal investigations. In a comment to Forbes on the illegal surveillance on citizens, NSO said ‘If the allegations are true, then it is in violation of our business ethics, policies, legal contracts and what we stand for.’

Be the first to comment on "NSO Cyber Surveillance Spyware Found Selling on the Darknet"

Leave a comment

Your email address will not be published.