HERZLIYA: Israeli spyware Pegasus was used by several countries to hack into the phones including iPhones of journalists, politicians and activists. The spyware was made by the NSO Group, an Israeli surveillance company with ties to corporate giants like Amazon.
iPhones were considered to have the most security in terms of phones, however, the Pegasus leak has shown how vulnerable consumer technology is to attacks by innovative spyware.
Apple’s stock price has already called 2.4% in the wake of these disclosures, reflecting a negative reaction to the company from the market.
Deputy Director of Amnesty Tech Danna Ingleton said: “Apple prides itself on its security and privacy features, but NSO Group has ripped these apart. Our forensic analysis has uncovered irrefutable evidence that through iMessage zero-click attacks, NSO’s spyware has successfully infected iPhone 11 and iPhone 12 models. Thousands of iPhones have potentially been compromised.
“These attacks have exposed activists, journalists and politicians all over the world to the risk of having their whereabouts monitored, and their personal information and used against them. This is a global concern – anyone and everyone is at risk, and even technology giants like Apple are ill-equipped to deal with the massive scale of surveillance at hand,” she said.
Danna Ingleton also called for the NSO Group to stop selling its equipment to governments with a track record of abusing human rights.
The NSO Group was founded in 2010 by Niv Carmi, Omri Lavie, and Shalev Hulio. The founders are ex-members of Unit 8200, an Israeli Intelligence Corps unit that primarily collected signals intelligence (SIGINT). The initial funding for the NSO Group came from a consortium of investors led by Eddy Shalev, a partner in the VC Fund, Genesis Partners.
An analysis by Citizen Lab and Lookout revealed that NSO may have also supplied Pegasus to the UAE. Some of the domains registered by the NSO reflect that the spyware may have been used across Turkey, Israel, Thailand, Qatar, Kenya, Uzbekistan, Mozambique, Morocco, Yemen, Hungary, Saudi Arabia, Nigeria, and Bahrain.
The former President of Mexico Felipe Calderón revealed that he was subject to “an unjustifiable violation of [one’s] rights” when he learnt that he may have been selected for potential targeting.
Shalev Hulio, the Chief Executive of the NSO Group challenged whether the leaked data had any relevance to the NSO Group, however, Hulio said that he was “very concerned” about the leak and vowed to investigate them.
“We understand that in some circumstances our customers might misuse the system,” Hulio said.
According to cybersecurity experts, Pegasus is capable of compromising an iPhone by sending an infected iMessage through its software. This is contrary to the privacy claims made by Apple.