NSO Overview Updated July 30, 2021

NSO Group, maker of Pegasus spyware for iPhone and Android

See All Stories

14 'NSO' stories

July 2020 - September 2021

NSO Group

NSO Group makes spyware called Pegasus, which is sold to government and law enforcement agencies. The company purchases so-called zero-day vulnerabilities (ones that are unknown to Apple) from hackers, and its software is said to be capable of mounting zero-click exploits – where no user interaction is required by the target.

In particular, it’s reported that simply receiving a particular iMessage – without opening it or interacting with it in any way – can allow an iPhone to be compromised, with personal data exposed.

NSO sells Pegasus only to governments, but its customers include countries with extremely poor human rights records – with political opponents and others targeted. A report by Amnesty International that said that Pegasus was being used to mount zero-click attacks against human rights activists and other innocent targets.

An explosive report from Amnesty International interpreted device logs to reveal the scope of targeted malware attacks in active use targeting Android and iPhone devices, since July 2014 and as recently as July 2021. Exploited devices can secretly transmit messages and photos stored on the phone, as well as record phone calls and secretly record from the microphone. The attack is sold by Israeli firm NSO Group as ‘Pegasus’.

Whilst the company claims to only sell the spyware software for legit counterterrorism purposes, the report indicates it has actually been used to target human rights activists, lawyers and journalists around the world (as many have long suspected).

In July 2021, Apple issued an iOS security fix that appears to match the exploit reportedly used by NSO, though security researchers say that Apple needs to do more.

NSO initially made contradictory statements, first saying that it had no way to monitor how its software was used, and subsequently denying that it was used against the targets described in Amnesty’s report. It then said it would issue no further statements, and would not be answering any questions from the media.

NSO Stories September 8

The German government has reportedly admitted to buying Pegasus spyware, despite the fact that using some of the functionality would break privacy laws in the country. Privacy is a particularly hot-button issue in the country, given the country’s history.

Sources cited in the report say that the version purchased from NSO had certain features disabled so that its use would be lawful in the country …

expand full story

NSO Stories August 24

A newly discovered NSO Pegasus zero-click iPhone attack against a human rights activist managed to succeed despite Apple’s Blastdoor protections, according to security researchers at Citizen Lab.

It is unclear, however, whether the protections Apple added to iOS 14.7.1 would have succeeded in blocking the attack, as it took place at a time when iOS 14.6 was the latest version available …

expand full story

NSO Stories August 4

You may have heard about Pegasus, which is a spyware created by the NSO group based on zero-day vulnerabilities to collect data from smartphones without user consent. Now iMazing has updated its app to include a new tool that can easily detect Pegasus spyware on iPhone.

expand full story

NSO Stories August 2

(Stock image, not one of the stolen photos)
0

NSO’s Pegasus spyware has reportedly been used by governments to obtain private photos from the phones of female journalists and activists.

These photos were then posted online with the aim of attacking their reputation, in at least one case by falsely suggesting that a bikini photo was taken at the home of a journalist’s boss …

expand full story

NSO Stories July 30

NSO has blocked more clients from using its Pegasus spyware, according to a source within the company, while it investigates reports of misuse.

The Israeli company was reported to have previously blocked five governments from using the malware after conducting a “human rights audit,” and has now suspended access to others …

expand full story

NSO Stories July 27

Speculation that yesterday’s iOS security fix was for NSO exploit

Apple yesterday released iOS 14.7.1, with a reference to an iOS security fix for a vulnerability that may have been actively exploited …

NSO Stories July 25

In an interview with the Guardian, the WhatsApp CEO talks about NSO malware and says Apple should “be loud, join in” rather than saying this won’t affect many of its users.

expand full story

NSO Stories July 23

iOS security researcher Will Strafach agrees with a recent claim that Apple can do more when it comes to combating NSO and others who exploit combat zero-day vulnerabilities in iOS.

It follows a report by Amnesty International that said that NSO spyware Pegasus was being used to mount zero-click attacks against human rights activists, lawyers, and journalists …

expand full story

NSO Stories July 21

An associate professor at the Johns Hopkins Information Security Institute has said that Apple can and must do more to prevent NSO attacks.

He argues that while it’s true that it is impossible to completely prevent exploits based on zero-day vulnerabilities, there are two steps that the iPhone maker can take to make NSO’s job much harder …

expand full story

NSO Stories July 19

Over the weekend, an explosive report from Amnesty International detailed targeted attacks towards target human rights activists, lawyers, and journalists using Apple’s iMessage system as a vector by which to deliver the zero-click attacks. In a new statement provided to the Washington Post, Apple defended its security practices and said it leads the industry in security innovation.

expand full story

An explosive report from Amnesty International interpreted device logs to reveal the scope of targeted malware attacks in active use targeting Android and iPhone devices, since July 2014 and as recently as July 2021. Exploited devices can secretly transmit messages and photos stored on the phone, as well as record phone calls and secretly record from the microphone. The attack is sold by Israeli firm NSO Group as ‘Pegasus’.

Whilst the company claims to only sell the spyware software for legit counterterrorism purposes, the report indicates it has actually been used to target human rights activists, lawyers and journalists around the world (as many have long suspected).

expand full story

NSO Stories July 6

Android and iPhone spyware sold by NSO Group enables state terror attacks in multiple countries, according to a new database released by Amnesty International and partner organizations.

NSO uses zero-day exploits to develop spyware for both iPhones and Android smartphones, allowing users to read text messages and emails, monitor contacts and calls, track locations, collect passwords, and even switch on the smartphone’s microphone to record meetings …

expand full story

NSO Stories July 14, 2020

Amnesty International has lost a court battle against the iPhone spyware company NSO. The human rights organization wanted an Israeli court to block exports of spyware created by the company.

Amnesty had claimed that hackers spied on one of its staff using spyware tools produced by NSO …

expand full story

Powered by WordPress VIP