NSO has blocked more clients from using its Pegasus spyware, according to a source within the company, while it investigates reports of misuse.
The Israeli company was reported to have previously blocked five governments from using the malware after conducting a ‘human rights audit,’ and has now suspended access to others …
We previously outlined the background to this:
NSO Group makes spyware called Pegasus, which is sold to government and law enforcement agencies. The company purchases so-called zero-day vulnerabilities (ones that are unknown to Apple) from hackers, and its software is said to be capable of mounting zero-click exploits – where no user interaction is required by the target.
In particular, it’s reported that simply receiving a particular iMessage – without opening it or interacting with it in any way – can allow an iPhone to be compromised, with personal data exposed.
NSO sells Pegasus only to governments, but its customers include countries with extremely poor human rights records – with political opponents and others targeted. A report by Amnesty International that said that Pegasus was being used to mount zero-click attacks against human rights activists, lawyers, and journalists.
Since then, Apple has issued an iOS security fix that appears to match the exploit reportedly used by NSO, though security researchers say that Apple needs to do more.
Access to Pegasus spyware ‘suspended’ for some governments
The Washington Post last week reported that NSO had previously blocked five governments from using Pegasus, and NPR now reports that more NSO clients have had their access suspended pending investigations into abuse allegations.
Israeli spyware company NSO Group has temporarily blocked several government clients around the world from using its technology as the company investigates their possible misuse, a company employee told NPR on Thursday.
The suspensions are in response to an investigation by the Pegasus Project, a consortium of media outlets that reported the company’s Pegasus spyware was linked to hacks and potential surveillance of telephones of people including journalists, human rights activists and heads of state […]
“There is an investigation into some clients. Some of those clients have been temporarily suspended,” said the source in the company, who spoke to NPR on condition of anonymity.
The Israeli government appears to have applied pressure to the company to do so.
Israeli officials visited NSO’s office in Herzliya, near Tel Aviv, Wednesday, “in order to assess the allegations raised in regards to the company,” the defense ministry said in a statement. The NSO employee said the company was cooperating fully with the probe and sought to prove to Israeli officials that the people named in the media reports were not Pegasus targets.
The earlier WP report named some of the governments in the first wave.
Two people familiar with the company’s dealings said the clients that have been suspended include Saudi Arabia, Dubai in the United Arab Emirates and some public agencies in Mexico. One of the people said the Saudi Arabia decision was a response to the Khashoggi killing.
Those in the second wave are as yet unknown.
NSO has so far adopted contradictory positions, on the one hand saying that it has no way to know how its software is used, and on the other hand denying that it has been used in the cases cited by Amnesty.
Photo: Pongracz Noemi/Unsplash