NSO Group, commonly abbreviated NSO, is an Israeli developer and
supplier of cyber surveillance software, based in Herzliya
(near Tel Aviv, Israel). The company develops sophisticated hi-tech spy software to target a range of communications equipment, such as
telephone exchanges and mobile phones, including Apple's iPhone,
and supplies it to governments and law enforcement agencies in
~ 40 countries. 1
Among NSO's customers are regimes of questionable reputation.
NSO is named after the initials of Niv Carmi, Shalev Hulio and
Omri Lavie – all former members of Unit 8200 of the Israeli Intelligence Corps – who founded the company in 2010. The company is a subsidary of
Q Cyber Technologies.
In 2017 it employed nearly 500 people, a 10-fold increase over
2014, whilst the turnover rose from US$ 40 million in 2013
to US$ 150 million in 2015.
According to NSO, the company supplies its products to approx. 60 military,
law enforcement and intelligence agencies in 40 unnamed countries, 1 and
claims that it rigorously vets their human rights records before allowing
them to use its tools. In addition, the Israeli Ministry of Defence conducts
its own analysis from a human rights perspective, before issueing an export
Source: NSO Report . The Citizen Lab has tracked 45 countries .
NSO products on this website
On 1 August 2018, human rights group Amnesty International accused NSO of
helping the Saudi Government spy on a member of its staff . In October 2018,
The Citizen Lab reported that they were being targeted by undercover operatives
connected to NSO, at a time when Citizen Lab was investigating the use of NSO's
against a journalist's mobile phone .
It is widely speculated that the
Pegasus Spyware played a key role
in the murder of Saudi dissident Jamal Kashoggi by agents of the Saudi Government a few days later.
In October 2019, NSO was sued by instant messaging company WhatsApp and its
parent company Facebook under the US Computer Fraud and Abuse Act (CFAA).
In December 2020, The Citizen Lab revealed that the iPhones of at least 36
journalists, and other operatives of Al Jazeera and Al Arab TV had been hacked
by means of NSO's Pegasus spyware,
using weaknesses in iMessage and iOS .
As it was a so-called zero-click exploit, it required no action from the user.
The weaknesses were subsequently fixed by Apple in iOS 14.
In July 2021, Amesty International and Forbidden Stories revealed in
the Pegasus Project, that
NSO's Pegasus spyware
was used by various regimes to eavesdrop on the
communications of civil rights activists, lawers, dissidents, journalist,
politicians and others . NSO strongly denied the allegations through its website,
and has since refused to speak with the press .
In a response, Amnesty repeated that
it stands by the results of its Pegasus Project investigation .
In September 2021, The Citizen Lab discovered that NSO had changed the attack
vector of its Pegasus spyware,
and had been able to hack into iPhones again
since at least February 2021 – again through iMessage – using a weakness in
Apple's CoreGraphics library .
A week later, Apple released a security update for its iOS and MacOS products
that fixed the weakness .
- Wikipedia, NSO Group
Retrieved July 2021.
- Amnesty International, Amnesty International among targets of NSO-powered campaign
1 August 2018. Updated 1 October 2018.
- Raphael Satter, Undercover agents target cybersecurity watchdog
The Seattle Times (via AP News). New York, 25 January 2019.
- Amnesty International, Pegasus Project: Apple iPhones compromised by NSO spyware
19 July 2021.
- NSO Website, Enough is Enough
21 July 2021. Visited 26 July 2021
- Amnesty International, Amnesty categorically stands by Pegasus Project data set
22 July 2021.
- Wikipedia, Pegasus (spyware)
Retrieved July 2021.
- NSO Group, Transparency and Responsibility Report 2021
30 June 2021. Retrieved July 2021.
- Bill Marczak, John Scott-Railton, Sarah McKune, Bahr Abdul Razzak and Ron Deibert, Hide and Seek — Tracking NSO Group's Pegasus Spyware to Operations in 45 Countries
18 September 2018.
- The Citizen Lab, The Great iPwn
Bill Marczak, John Scott-Railton, Noura Al-Jizawi, Siena Anstis
and Ron Deibert.
20 December 2020.
- FORCEDENTRY, NSO Group iMessage Zero-Click Exploit Captured in the Wild
Bill Marczak, John Scott-Railton, Bahr Abdul Razzak, Noura Al-Jizawi,
Siena Anstis, Kristen Berdan and Ron Deibert.
13 September 2021.
- Apple, About the security content of Security Update 2021-005 Catalina
13 September 2021.
Any links shown in red are currently unavailable.
If you like the information on this website, why not make a donation?|
© Crypto Museum. Created: Saturday 26 June 2021. Last changed: Wednesday, 15 September 2021 - 06:56 CET.