NSO Group founders buy back their spyware company

The founders of NSO Group, a controversial Israeli spyware vendor, said Thursday that they had re-acquired the company from private equity firm Francisco Partners. NSO Group co-founders Shalev Hulio and Omri Lavie led the acquisition and promised more growth for the company, which reported dozens of customers and $250 million in revenue in 2018. NSO Group did not reveal the terms of the deal, which was supported by Novalpina Capital, a London-based firm. Sources had told CyberScoop in June of 2017 that Francisco Partners was asking for more than $1 billion for NSO Group. Francisco paid $120 million for a majority stake in the company in 2014. NSO Group says it lawfully sells its surveillance technology to governments to combat terrorism and organized crime. However, the company’s signature Pegasus spyware has been used to target journalists, anticorruption watchdogs and political dissidents, according to research from Amnesty International and the University of […]

The post NSO Group founders buy back their spyware company appeared first on CyberScoop.

Continue reading NSO Group founders buy back their spyware company

How sloppy OPSEC gave researchers an inside look at the exploit industry

The companies that make advanced surveillance software are quiet by design. They generate enough press to let the market (i.e., governments) know their products exist, but it’s not as if there’s an app store for mobile spyware. They do make mistakes, though. And thanks to two researchers from Lookout, the public now has more information on how these companies operate. In the course of investigating a new kind of Android-focused mobile malware, Lookout’s Andrew Blaich and Michael Flossman uncovered text conversations among members of a nation-state’s surveillance program. Those files, which were stored on a server that was part of the malware’s command-and-control infrastructure, represented a trove of insight about how much money the particular government budgeted for its program, whether its spies decided to buy exploits or build their own, and why it’s easier than ever for countries to leverage surveillance technology. It started when Blaich and Flossman were analyzing how a single malware sample had manipulated data within the popular […]

The post How sloppy OPSEC gave researchers an inside look at the exploit industry appeared first on CyberScoop.

Continue reading How sloppy OPSEC gave researchers an inside look at the exploit industry

NSO Group spyware used against two Mexican journalists following assassination

One day in May 2017 after the investigative journalist Javier Cárdenas was assassinated in Mexico, two of his colleagues at the Ríodoce newspaper began receiving text messages claiming to have information about the killer. The texts sent to Andrés Villarreal and Ismael Bojórquez, Ríodoce’s director, included links promising evidence that would prove a Mexican drug cartel was behind Cárdenas’ death. But the messages in fact were a surreptitious attempt by a Mexican government-linked organization to hack the journalists’ phones with Pegasus, a hacking tool that would have allowed operators to monitor their text messages, pictures, location and covertly activate the phones’ microphone and camera. Neither man clicked the links, suspicious that public officials were somehow behind the ruse. Researchers later confirmed their hunch, according to the New York Times. “I believe they wanted to search our conversations and messages for clues to the murder of Javier, but we are absolutely against […]

The post NSO Group spyware used against two Mexican journalists following assassination appeared first on Cyberscoop.

Continue reading NSO Group spyware used against two Mexican journalists following assassination

It’s Amateur Hour in the World of Spyware and Victims Will Pay the Price

We’re living in the golden age of spyware and government hacking, with companies rushing to join a blossoming billion dollar market. The weakest among us—activists or journalists—will suffer the consequences if we don’t regulate it appropriately. Continue reading It’s Amateur Hour in the World of Spyware and Victims Will Pay the Price

Virus Bulletin 2018: Saudi Dissident Spyware Attack Belies Bigger Threat

A spyware attack on a Saudi dissident living in Canada made headlines this week, but Citizen Lab warns that simpler attacks are the real epidemic. Continue reading Virus Bulletin 2018: Saudi Dissident Spyware Attack Belies Bigger Threat

Mobile Phone Call Scams, Pegasus Mobile Spyware, Newegg Data Breach – WB35

This is the Shared Security Weekly Blaze for September 24, 2018 sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions and Silent Pocket.  This episode was hosted by … Continue reading Mobile Phone Call Scams, Pegasus Mobile Spyware, Newegg Data Breach – WB35

They Got ‘Everything’: Inside a Demo of NSO Group’s Powerful iPhone Malware

A source managed to see Israeli surveillance vendor NSO Group’s powerful iPhone malware up close. Despite a wave of highly controversial customers, the company appears to be popular worldwide. Continue reading They Got ‘Everything’: Inside a Demo of NSO Group’s Powerful iPhone Malware