A seven-year-old Israeli firm founded by three veterans of Israel’s military intelligence unit is raking in millions selling CIA-tier hacking software to governments around the world. With over 200 employees, a sales arm in Bethesda, Maryland, and a long list of clients identified by watchdogs which have dubious civil rights records, the NSO Group – owned by U.S.-based Francisco Partners, charges $500,000 plus $65K per phone to completely hack and infiltrate a device with their flagship “Pegasus” software suite.
Housed in an office complex in the northern Tel Aviv district of Herzelia, the NSO Group has created the world’s most invasive mobile spy kit responsible for some of the most aggressive attacks in the world of espionage. From Mexico’s misuse of NSO’s software, to the UAE targeting dissidents, to the ex-President of Panama using Pegasus to spy on his enemies, researchers at Canada’s Citizen Lab have uncovered dozens of instances of inappropriate hacking.
The Pegasus software suite uses similar techniques to the CIA for hacking an iPhone, according to Forbes:
Of the similarities between NSO Group and the CIA techniques, the researcher said: “They both use the same vulnerability, but implementation differs a bit.” NSO Group had not responded to a request for comment. It’s entirely possible the CIA used the same technique without going through NSO. -Forbes
The software works by luring people to websites in SMS text messages, where the Pegasus malware package is surreptitiously installed on the device to take advantage of a “zero-day” exploit. As Fast Company explains “anything you can do on the phone, Pegasus can do on your phone,” says John Scott-Railton, a senior researcher at Citizen Lab, which released its initial findings on the spyware in August 2016. “Turning on the camera and watching somebody in the room, turning on the microphone and listening to somebody: It can even do some things that you can’t, like put files on the phone and take files off, to manipulate data on the phone.”
* * *