Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Businesses Security Technology

An Employee of NSO Group, Which Sells Powerful Spyware, Allegedly Stole Company's Tools For Personal Profit (vice.com) 48

Joseph Cox, reporting for Motherboard: NSO Group sells some of the most potent, off-the-shelf malware for remotely breaking into smartphones. Some versions allow a law enforcement or intelligence agency to steal essentially all meaningful data from an iPhone with no interaction from the target. Others just require the victim to click one link in a carefully crafted text message, before giving up their contacts, emails, social media messages, GPS location, and much more. NSO only sells its tools to government agencies, but a newly released, explosive indictment alleges that a company employee stole NSO's spyware product, dubbed Pegasus, and tried to sell it to non-authorized parties for $50 million worth of cryptocurrency.

These capabilities "are estimated at hundreds of millions of [US] dollars," a translated version of the indictment reads. Several Israeli outlets were the first to report on and upload the indictment. The news shows a danger often highlighted by critics of the malware industry: that hacking tools or exploits typically reserved for law enforcement or intelligence agencies may fall into other hands. Omri Lavie, the co-founder of NSO, told Motherboard in an online chat "no comment."

This discussion has been archived. No new comments can be posted.

An Employee of NSO Group, Which Sells Powerful Spyware, Allegedly Stole Company's Tools For Personal Profit

Comments Filter:
  • by Anonymous Coward

    What goes around comes around?

    • The sentence reads as if these are the most off-the-shelf and potent malware. That bugs me. The bad guys already have plenty of exploits, and most users don't even do the most basic things for security.

      For example, we know we shouldn't re-use passwords, we know the password we always use is probably in a data dump somewhere, but we keep using it. The number one most important security thing we can all do is have well-tested off site backups. (Think cryptolocker etc, and rootkit / malware recovery). When i

  • by qbast ( 1265706 ) on Thursday July 05, 2018 @07:42AM (#56895504)
    Employees of a scummy company are also scum. News at 11.
  • by cerberusss ( 660701 ) on Thursday July 05, 2018 @08:08AM (#56895646) Journal

    Breaking news: thieving tools stolen!

    In a move that stunned nobody, a thief stole from crime lord. The crime lord in question sold thieving tools to corrupt governments to spy on their citizens. When business took off, the crime lord hired a local thug. When the crime lord looked the other way, the thief left with all of the inventory! The crime lord took to the courts and explained his plight.

    When the courts laughed in his face, he threatened to expose the moral bankrupcy of several national institutions. Soon after, an attorney general helped him rewrite his complaint, not mentioning ordinary theft but rather calling it "industrial spionage" and was thus able to spend the taxes of citizens to spy on them. The crime lord himself told Motherboard in an online chat "no comment."

  • by nehumanuscrede ( 624750 ) on Thursday July 05, 2018 @08:52AM (#56895788)

    There is a financial breaking point for everyone where they will sell out and give you anything you want from them.
    No matter how rich you are, no matter how moral or ethical you are, the vast majority of people will cave in eventually once the price is high enough.

    For this reason alone, I laugh when Government and LE types try to claim there is no way such secrets can ever fall into the wrong hands.

    People are, and have always been, the weakest link in the chain.

  • by dwillden ( 521345 ) on Thursday July 05, 2018 @09:01AM (#56895802) Homepage
    And thus the proof to the argument that if a backdoor or entry method exists for the authorities, it will get out to the criminals. Someone considered 'trustworthy' will have a price. or will be greedy or disgruntled.

    And all security is then nullified.
  • It seems when a backdoor to iOS appears, Apple takes it sweet time in closing it......while opening yet another backdoor which has not yet been publicly discovered. That's what it looks like from 5 miles up.
  • Heaven forbid Slashdot should actually include some pertinent information in the summary to justify the headline...

One person's error is another person's data.

Working...