NSO Group, the surveillance firm that could spy on every smartphone

Pierluigi Paganini September 05, 2016

The NSO Group is one of the surveillance companies that allow their clients to spy on their targets through almost any smartphone.

It is quite easy for any Government to spy on mobile users, recently we have discussed the Trident vulnerabilities that were exploited by a surveillance software developed by the NSO Group to deliver the Pegasus malware.

But it could be very expensive if you decide to use the NSO Group’s software, according to The New York Times spy on 10 iPhones will cost $650,000, plus a $500,000 setup fee.

“To spy on 10 iPhone users, NSO charges government agencies $650,000; $650,000 for 10 Android users; $500,000 for five BlackBerry users; or $300,000 for five Symbian users — on top of the setup fee, according to one commercial proposal.” reported The New York Times. “You can pay for more targets. One hundred additional targets will cost $800,000, 50 extra targets cost $500,000, 20 extra will cost $250,000 and 10 extra costs $150,000, according to an NSO Group commercial proposal. There is an annual system maintenance fee of 17 percent of the total price every year thereafter.”

There are several companies that develop surveillance platforms for targeting mobile devices, the NSO Group operated in the dark for several years, until the researchers from the Citizenlab organization and the Lookout firm spotted its software in targeted attacks against UAE human rights defender, Ahmed Mansoor.

The researchers also spotted other attacks against a Mexican journalist who reported to the public a story of the corruption in the Mexican government.

“The company’s internal documents detail pitches to countries throughout Europe and multimillion-dollar contracts with Mexico, which paid the NSO Group more than $15 million for three projects over three years, according to internal NSO Group emails dated in 2013.” added The New York Times.

NSO Group

“Our intelligence systems are subject to Mexico’s relevant legislation and have legal authorization,” Ricardo Alday, a spokesman for the Mexican embassy in Washington, said in an emailed statement. “They are not used against journalists or activists. All contracts with the federal government are done in accordance with the law.”

The New York Times has conducted further investigations on the NSO Group, the company that specializes its offer in surveillance applications for governments and law enforcement agencies around the world.

People familiar with the NSO Group confirmed that the company has an internal ethics committee that monitors the sales and potential customers verifying that the software will not be abused to violate human rights.

Officially the sale of surveillance software is limited to authorized governments to support investigation of agencies on criminal organization and terrorist groups.

Unfortunately, its software is known to have been abused to spy on journalists and human rights activists.

“There’s no check on this,” said Bill Marczak, a senior fellow at the Citizen Lab at the University of Toronto’s Munk School of Global Affairs. “Once NSO’s systems are sold, governments can essentially use them however they want. NSO can say they’re trying to make the world a safer place, but they are also making the world a more surveilled place.”

Companies like the NSO Group operate in the dark, in a sort of “legal gray area,” despite the Israeli government exercises strict control of the export of such kind of software, surveillance applications could be abused by threat actors and authoritarian regimes worldwide.

The principal product of the NSO Group is a surveillance software called Pegasus, it allows to spy on the most common mobile devices, including iPhones, Androids, and BlackBerry and Symbian systems.

Pegasus is a perfect tool for surveillance, it is able to steal any kind of data from smartphones and use them to spy on the surrounding environment through their camera and microphone.

“In its commercial proposals, the NSO Group asserts that its tracking software and hardware can install itself in any number of ways, including “over the air stealth installation,” tailored text messages and emails, through public Wi-Fi hot spots rigged to secretly install NSO Group software, or the old-fashioned way, by spies in person.” continues The New York Times.

Now we have more information about the mysterious NSO Group, but many other companies operate in the same “legal gray area.”

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – NSO Group, surveillance)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment