Meet The Israeli Cyber-Weapons Dealer Paid Millions By Governments To Hack Our Phones

Tyler Durden's picture

A seven-year-old Israeli firm founded by three veterans of Israel's military intelligence unit is raking in millions selling CIA-tier hacking software to governments around the world. With over 200 employees, a sales arm in Bethesda, Maryland, and a long list of clients that watchdogs have identified as having dubious civil rights records, the NSO Group, owned by U.S.-based Francisco Partners, charges $500,000 plus $65K per phone to completely hack and infiltrate a device with its flagship "Pegasus" software suite.


Omar Lavie, co-founder of NSO group

Housed in an office complex in the northern Tel Aviv district of Herzelia, the NSO Group has created the world's most invasive mobile spy kit responsible for some of the most aggressive attacks in the world of espionage. From Mexico's misuse of NSO's software, to the UAE targeting dissidents, to the ex-President of Panama using Pegasus to spy on his enemies, researchers at Canada's Citizen Lab have uncovered dozens of instances of inappropriate hacking.

The Pegasus software suite uses techniques similar to the CIA's for hacking an iPhone, according to Forbes:

Of the similarities between NSO Group and the CIA techniques, the researcher said: "They both use the same vulnerability, but implementation differs a bit." NSO Group had not responded to a request for comment. It's entirely possible the CIA used the same technique without going through NSO. -Forbes

The software works by luring people, through links in SMS text messages, to websites where the Pegasus malware package is surreptitiously installed on the device by taking advantage of a "zero-day" exploit. As Fast Company explains, “anything you can do on the phone, Pegasus can do on your phone,” says John Scott-Railton, a senior researcher at Citizen Lab, which released its initial findings on the spyware in August 2016. “Turning on the camera and watching somebody in the room, turning on the microphone and listening to somebody: It can even do some things that you can’t, like put files on the phone and take files off, to manipulate data on the phone.”


One of the suspicious SMS messages Mexican citizens received from the NSO Group software, Photo: Citizen Lab.

The software can even foil encryption - intercepting messages and calls either before or after they are encrypted. Moreover, Pegasus can delete itself, foiling forensic researchers who have called it "the most sophisticated commercial spyware yet to be made public."

And if it can do all that, perhaps, just perhaps, it can also camouflage itself as a Russian hacker and penetrate John Podesta's email system.

Apple and Google have issued security patches to eliminate the "zero-day" exploit used by the NSO (and the CIA) to gain access; however, many Android devices have not yet received recent security updates. On top of that, according to Fast Company, "Since Pegasus was first deployed, at least three years ago, security researchers say it’s likely that NSO and other cyberarms makers have developed even more sophisticated techniques."

Installs of an Android version of Pegasus, as found by Google and Lookout, via Fast Company

While NSO's client list is private, Canadian watchdog group Citizen Lab also discovered that NSO has registered several web domains in countries with dubious civil rights records, ostensibly used for hacking purposes - including Uzbekistan, Bahrain, Kenya, Saudi Arabia, Nigeria, Turkey, Qatar, Yemen and Hungary.

In June, Citizen Lab released a report with the New York Times which detailed an extensive effort by the Mexican government to use Pegasus spyware on journalists, human-rights activists, lawyers and others looking into corruption, murders, and even the disappearance of dozens of college students - paying NSO Group $80 million for the software. The Pegasus malware had even been used against scientists and public health advocates trying to battle childhood obesity through measures such as Mexico's "Soda Tax."

While NSO said that it only sells to "authorized" government customers, a huge potential for misuse of the system reportedly ended up killing a $400 million deal by Blackstone Group to acquire part of NSO group from Francisco Partners, after Citizen Lab and other human rights groups told Blackstone that NSO could not prevent customers from misusing the spying tool - pointing to over 20 documented cases of reckless misuse. 

“We would expect such a track record to trigger exceptional due diligence by an American company, and we asked Blackstone if they had done so,” says Scott-Railton of Citizen Lab. “We also asked what oversight Blackstone proposed to implement to prevent future misuse, if the purchase had gone through.”

The protest letter Citizen Lab sent to Blackstone regarding its possible stake in NSO, Photo: Citizen Lab.

Former Panama president Ricardo Martinelli was also caught using NSO's Pegasus to hack citizens' smartphones, which the government of Panama has opened an investigation into. Martinelli was reportedly running a personal NSO deployment out of a secret office, in order to spy on opponents, including Americans. 

“What my colleagues and I say informally is, there is the principle of misuse, where it’s only a matter of time if you sell this kind of software to a government that doesn’t have very rigorous rules in place before it gets misused,” adds senior researcher at Citizen Lab, Scott-Railton. “It’s clear that the industry that sells the commercial spyware to governments is not wired to take that very basic fact into account and mitigate it.”

NSO claims every client is fully vetted, however, pointing to Israel's export laws which require the Israeli government body SIBAT to promote and review all weapons exports. NSO also says they have an "ethics committee" that reviews every deal before it's executed, according to an NSO executive who spoke with The Marker.

Citizen Lab's Scott-Railton disagrees - insisting that companies like NSO need to institute a more stringent vetting process, and pointing to egregious abuse uncovered in Mexico, the United Arab Emirates and Panama.

NSO has a U.S. sales arm in Bethesda, Maryland called WestBridge Technologies, which bills itself as a seller of "top-of-the-line technologies to various government agencies in North America, particularly in the U.S.," according to its LinkedIn profile.  Sometime before January, 2015, WestBridge met with U.S. Drug Enforcement Administration (DEA) officials to discuss implementing its software, reported Motherboard, which received leaked emails regarding the meeting. While we don't know the outcome of the meeting, and NSO's offices have been mum on the deal, the strong possibility exists that the DEA has been using NSO software for several years. 

In an interesting "small-world" coincidence, financial disclosure forms reveal that former Trump advisor and short-lived National Security Advisor Lieutenant General Michael Flynn is connected to the NSO group, earning $40,280 from May 2016 through January 2016 on an advisory board of an NSO Group offshoot, OSY Technologies based in Luxembourg. Flynn also worked for NSO Group parent company Francisco Partners, earning "less than $100,000" according to the New York Times. 

When asked by Reuters about reports of NSO software being abused, NSO co-founder Omar Lavie - who is launching a new startup named Orchestra, with a mission, ironically enough, to protect phones from cyberattacks - said "I think people believe that NSO is a company that does good. [Security experts] understand the value that this company has generated for the world. I am extremely proud of NSO."

IntercoursetheEU's picture

Eat, eat, you're skin and phones

Gap Admirer's picture

Buy a straight up Linux phone (yeah, not many out there) and you won't have the "hacked" problem.

https://ubports.com/ I might try it out.

Of course this won't work for the computer illiterate. You have to buy a Nexus 5 (or one of three other phones) then install the OS using the guide/installer.

bobcatz's picture

Probably some FAKE HACKING software.

Like their FAKE HEBREWNESS. http://wp.me/p4OZ4v-Bo

Gap Admirer's picture

Hey, redirect-checker.org shows that your URL hider goes to that BibliCrapBlahBlahBlah web site. You obviously posted it in error as you wouldn't intentionally post links to malware sites, right?

BobEore's picture

ooopsy...

"reveal that former Trump advisor and short-lived National Security Advisor Lieutenant General Michael Flynn is connected to the NSO group, earning $40,280 from May 2016 through January 2016 on an advisory board of an NSO Group offshoot, OSY Technologies based in Luxembourg. Flynn also worked for NSO Group parent company Francisco Partners,"

Shocked... SHOCKED... I tells ya...

to find that - recently sanctified St Mike...

whose modus operandi I ACCURATELY summarized two days back, during our recent pajama party WEEKEND @ DONNIES (tm)

"Flynn... a 'made man' of the cabal which brought down FULL SPECTRE -UM DOMINANCE on the muddled east... some years back,

"had a mission to fulfill in order to get the full 'cut' comin to the type of general who want the trimmings and trappings of 'retirement' ... which he proceeded to do... by switching wardrobe costumes from FULL BORE neocon author of a book about how America should wage 'total, global war on [sraeli-created and directed]"Islamic Terrorism"... "

has been ACTUALLY taking loot from

THE VERY SAME ARMS OF THE $POWER who I have also accurately and repeatedly cast on these pages as the apex of an operation whereby

the top level hand puppets... yur POTUSs POTENTATES PUTINATES AND other impotent string dangled star spangled front men... receive UUUGE payoffs for placing themselves at the disposal of SPECTRE...

whilst middle level puppet o international finance capital(aka - the RUSSIAN DIASPORA TALMUDIC MAYIFA) like Mikey here... and 'generals' in general... get healthy bribes in the form of directorships, consultancy fees, hookers n blo on board mega yachts chartered by guys like

Tevik Arif... and debt laden failed real estate promoters and casino operators find new life in the form of mysterious infusions of capital coming from eastern origins which we won't talk about here...

except to say...

IT'S ALL ok... if yu are an altright TRUMP-HUMPIN TARD of the kind who swing lil-big-man dicks around on these very pages shouting "death to amerika" "I'd do Poutine" "I did Vegas" and ... "when I grow up, I wanna be Jeff Epstein!"

See how it works now?

A chain of complicit bought n paid for puppets of the moneypower... leading all the way down from top... to the very bottom... the sockpuppet legions o mind wiped zheeple we gonna be seeing the floating decaying carcasses of

float by on this here river... any minute now!

cheka's picture

but russia

even though the US is crawling with skype

BobEore's picture

But.. butt...

time to send in the clowns.

Where's "billy" - the butthurt poet... Mwewn the worm mewin the talmudist toon... and the rest of the Bishops o Bullshit who performed the grisly rites of sanctification over the form of Mike Flynns traitorous ass...butt kissin and a huggin each other as truth got a muggin!

Send in the sockpuppet shills of the moneypower... paid and unpaid... who cry 'death to amerika' daily...

"death to america..n traitors" sez I

cat2005's picture

The operating system won’t matter if there are hardware-based vulnerabilities. I wouldn’t be surprised if there are such vulnerabilities in all modern hardware. For instance we know NSA helped develop encryption standards and left exploitable weaknesses.

Gap Admirer's picture

Hmmmm... Interesting point.

atlas_crumbles's picture

I will guess it's the baseband chip with a backdoor since it's closed source. This is great news for dummies that keep their bitcoins on their phone. Probably have the jewbook and twatter apps installed as well. Don't even get me started on Google.

SHRAGS's picture

Here is recent example of a mass hardware vulnerability:

Intel finds critical holes in secret Management Engine hidden in tons of desktop, server chipsets

https://www.theregister.co.uk/2017/11/20/intel_flags_firmware_flaws/

Bring the Gold's picture

Yep, this has been implemented in one way or another since fairly early in Caligul...uh...I mean Bush the Younger's reign. It was considered a top priority after 9/11 what with those pesky intelligence created terrorists running around.

SgtShaftoe's picture

Silent Circle makes good and secure phones. As almost a rule, phones are virtually all compromised.

any_mouse's picture

No mention on the website about which networks that work with the Ubuntu Touch phones.

Zero mention.

Not even in the FAQ.

My first question was, and is, "will it work on my current network?"

In the Forums a post with a title containing "T-Mobile".

[Edit] Checked Verizon's website and apparently "bring your own device" is a thing now. I am going to check out the Ubuntu-phone OS. I hate zee Android-Google jail.

Gap Admirer's picture

Let me know how it works.  I almost pulled the trigger a few times but haven't quite done it.  A very good condition Nexus 5 on eBay can be had for around $60.  The OS is free.  I'm sure as a basic phone it will work fine.  I'd like to see a maps, with traffic, software package for it.  Maybe it has to be web browser based Google Maps.

konputa's picture

Hey baldilocks, that dome is easy for someone to zero in on. Not that I have a thing for arrogant, bald morons, but I'm guessing some might.

BlindMonkey's picture

Sickening. How many congress critters have this very tool used on them and their staff?  I bet that number is damn near all of them. 

 

 

Mazzy's picture

Or another question: how many congress critters (or their staffs) own and utilize this tool on others?

War and Fleece's picture

Unless the congress person is some kind of deep state plant (hmm) then I doubt those fools have the wherewithal to do so. They may wish they could.

War and Fleece's picture

Well then perhaps we should thank NSO for helping us affirm they are crooked. I MEAN THE EMPIRE IS BURNING TO THE GROUND. May as well cheer with the victors and hope we can pass as one of them?

Bring the Gold's picture

Well, you might start by asking the Awan brothers since they run, well ran, the network. What's a more interesting question is who are they working for? ISI was used as a front to relay info just prior to 9/11 as well as wiring payments to Atta. Curiouser and curiouser.

Davilis's picture

This is very old news...

Number 9's picture

stingray towers been around for years..

LetThemEatRand's picture

So they are going with the meme that you need to click on a nefarious link to get hacked.  Gotta keep telling people that they are safe if they are only smart enough not to click on that link.

Gap Admirer's picture

Didn't about half of Hillary(!)'s upper campaign staff click on "that link?"

LetThemEatRand's picture

Yeah, that's what we're told. Note to this day the FBI has not examined the infected servers. Because a private company told them what's what, and that's good enough.

dirtyfiles's picture

if u don't know what to do....buy bitcoin

 

i think that came naturally.?.lol

influence..maybe ?

GRDguy's picture

Abraham must be giggling in his grave that his lies about covenants were so effective.

I don't bother with hate; would just like a more sane world not based on lyin', stealin' and killin'.

historian40's picture

The "jewish state" has absolutely nothing to do with any Abrahamic covenant.

VIS MAIOR's picture

but but but but  hillary hillary hillary hillary ............. megarofl 

G-R-U-N-T's picture

If you really want something to worry about watch 'Zero Days', a documentary that delves into the Stuxnet virus. If the U.S. thinks they're in good hands with yet another technology that Israel is involved with, Zero Days may indeed make them think twice.

https://www.amazon.com/Zero-Days-Colonel-Gary-Brown/dp/B01I2EKYTC

PhilofOz's picture

Just the same thing that has near every politician on the planet blackmailed and subservient to the Rothschild/Zionist empire!

Sabibaby's picture

I'm creating a crypto called hitcoin where you purchase coins to place hits on these cunts!

dunce's picture

Any computer based communication can and will be hacked. Snail mail is the most secure. It can be intercepted but only one piece at a time.

DaiRR's picture

Old news.  They've been making big bucks with their hacking software for years.  LOL, some people here think this ability is unique to Israelis.

Clowns on Acid's picture

The Awan Bros were pikers compared to these guys.

White Devil's picture

It’s time to crank up the good ol’ death camps of yesteryear.

Infinite QE's picture

If those death camps had been real, we wouldn't be having a fraction of the problems we have today. Africans would be kept in Africa. Muzzies in muzzie land. And American tax money would be used to make America great.

Infinite QE's picture

Is there any legitimate business run out of Israhell? I mean, I bet even the fruit stands are corrupted.

 

ConnectingTheDots's picture

 

The abuses of NSO are a symptom of a much deeper problem.

Corporations are in the process of consolidating their takeover of governments. Governments now only serve as tools for these corporations providing a layer of "insulation" from the masses who will vent at the government puppets, while ignoring the puppeteers.

These corporations can now hire the likes of NSO to spy on any perceived threat. These corporations can now hire the likes of Blackwater/Zi to "suicide" any threat they perceive.

When corporations first started, their charters stated that they must be for the public good, and they had sunset dates. This limited them to completing a project deemed for the public good and then the corporation would then be dissolved.

Now corporations have metastasized through mergers and acquisitions into a force that controls the planet. If our current trajectory does not change, in a very short time we will be controlled by about 6 mega-corporations.

Try to think of what it must have been like to live in a "company town" where the company issued the currency, you had to buy at the company store, pay rent to the company, and they controlled your livelihood.

Now imagine this on a global scale.