The US Federal Bureau of Investigation (FBI) has launched an investigation into NSO Group based on suspicions that US residents and companies may have been compromised for intelligence-gathering purposes.
According to the Reuters news agency, investigators began examining NSO in 2017 during an inquiry into whether US hackers had provided the code necessary for the company to develop smartphone-based surveillance software.
Now, the FBI wants to know if the Israeli spyware vendor has had a part to play in cyberattacks against residents and companies in the country — alongside suspected cyberespionage campaigns against government entities.
According to sources familiar with the matter, part of the investigation also seeks to understand NSO’s business model and whether or not the tools on offer were used in state-sponsored attacks.
NSO touts its surveillance software as products “that help government agencies prevent and investigate terrorism and crime to save thousands of lives around the globe.” However, critics have long argued that governments worldwide abuse these tools to spy on other countries, as well as invade the privacy of their own citizens.
CNET: FTC warns phone companies not to help robocallers
The company’s Pegasus suite, for example, is mobile malware able to intercept communication from Android and iOS devices, extract data, havest live video and audio feeds as well as compromise messaging systems including WhatsApp, Twitter, and Skype.
In October, Facebook-owned WhatsApp filed a lawsuit against NSO, alleging that the company weaponized a zero-day vulnerability in the software’s VoIP calling feature that facilitated attacks against over 1,400 users in the Kingdom of Bahrain, the United Arab Emirates, and Mexico.
The publication says that the court case prompted a fresh wave of talks between the FBI and technology experts.
NSO software has been connected to attacks against government protestors, civil rights movements, lawyers, activists, and diplomats in the past.
A month prior to the lawsuit, security researchers from Citizen Lab published a report that has tracked the deployment of Pegasus, claiming that the surveillance tool has been used in cyberattacks across 45 countries over the past few years. In total, 36 separate users were found; 10 of which were allegedly conducting spying across multiple countries.
TechRepublic: How organizations should handle data breaches
Recently, Amazon CEO Jeff Bezos claimed his smartphone was hacked through a malicious message sent during a conversation with Saudi Crown Prince Mohammed bin Salman in 2018. NSO software involvement is suspected, but the company has denied any involvement.
The FBI has met with Bezos to discuss the incident.
NSO said the company “has not been contacted by any US law enforcement at all about any such matters.” A spokesperson told Reuters that the FBI “adheres to [the Department of Justice] DOJ’s policy of neither confirming nor denying the existence of any investigation.”
Previous and related coverage
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0