Quantcast

Israeli-made spyware used to entrap human rights activists in Mexico

A cybersecurity researcher appears to have discovered a "kill switch" that can prevent the spread of the WannaCry ransomware -- for now -- that has caused the cyberattacks wreaking havoc globally
Daniel LEAL-OLIVAS (AFP)
The NSO Group has yet to publicly acknowledge or condemn how Mexico is abusing the software

Software sold by an Israeli software company is apparently being used to target human rights activists, journalists and their families in Mexico.

Those targeted include a professor writing anti-corruption legislation, two of the country's most prominent reporters, and lawyers investigating drug cartel-related kidnappings, the New York Times reported.

The Israeli cyber-arms manufacturer, NSO Group, sold about $80 million worth of spyware to the Mexican government, reported the Times on Monday.

Cyber-security is a major industry for Israel, with many army intelligence veterans going on to hone their skills in the private sector. At least 10 other Israeli companies operate in the field, some of which garner multi-million dollar revenues.

The Israeli company told the New York Times that it sells the tool to governments with an explicit guarantee that the software be used in counter-terrorism or counter-drug trade operations.

The NSO Group relies on its government customers to cooperate in a review if the software is abused, as they turn the findings over to a state agency. In other words, the company is "leaving governments to police themselves," reports the Times.

In the case of Mexico, the NSO Group has yet to publicly acknowledge or condemn how the government is abusing the software to spy on activists and their families.

The software, called Pegasus, can take over a smartphone and use its microphone and camera function to surveil the target. In other words, the phone turns into a covert listening device and its camera can surreptitiously film the user's environment. All of the phone's data, such as contacts, passwords, and browsing history, can also be accessed.

Pegasus infects a targeted phone through SMS text messaging. Traditionally, a person would have to click on a malicious link in order to infect the device, reported Business Insider. Now, an attacker can send a special text message which causes the phone to automatically download the malware. Often, the target has no idea what happened.

"Your smartphone today is the new walkie-talkie," company co-founder Omri Lavie told the Financial Times in 2013. "Most of your typical solutions for interception are inadequate, so a new tool had to be built."

The company bills governments based on the number of surveillance targets, reports the New York Times. For example, to infiltrate 10 iPhone users, the NSO Group charges some $1.1 million for spying and installation.

Shrouded in secrecy, the Israeli company lacks a working website. NSO is headquartered in Herzliya and it was founded in 2010 according to LinkedIn.

A San Francisco-based private equity firm, Francisco Partners, bought up a majority stake of the NSO Group for $120 million in 2014. Despite the change in stock ownership for the privately-held company, operations remain in Israel.

According to its LinkedIn profile the company is "unique in the field of Internet security software solutions."

Its co-founders are Lavie and Shalev Hulio.

Many of the NSO Group's current employees were alumni of Israel's elite army intelligence branch, Unit 8200.

Unit 8200 has come under scrutiny before for questionable surveillance practices. In 2014, dozens of intelligence reservists refused to serve, claiming that Unit 8200 practiced mass surveillance over the Palestinians without judicial oversight and privacy safeguards.

Comments

(0)
8Previous articleNetanyahu: there won't be a government better for the settlements than ours
8Next articleVIDEO: Rare encounter with a whale shark off southern coast of Israel