Developer(s)

NSO Group

August 2016

iOS, Android

Spyware

www.nsogroup.com

CVE-2016-4655: Information leak in kernel – A kernel base mapping vulnerability that leaks information to the attacker allowing them to calculate the kernel's location in memory.

CVE-2016-4656: Kernel memory corruption leads to jailbreak – 32 and 64 bit iOS kernel-level vulnerabilities that allow the attacker to secretly jailbreak the device and install surveillance software – details in reference.

[43]

CVE-2016-4657: Memory corruption in the webkit – A vulnerability in the Safari WebKit that allows the attacker to compromise the device when the user clicks on a link.

Reactions[edit]

NSO Group response[edit]

Responding to August 2016 reports of a targeting of an Arab activist, NSO Group stated that they provide "authorized governments with technology that helps them combat terror and crime", although the Group told him that they had no knowledge of any incidents.[209]

Bug-bounty program skepticism[edit]

In the aftermath of the news, critics asserted that Apple's bug-bounty program, which rewards people for finding flaws in its software, might not have offered sufficient rewards to prevent exploits being sold on the black market, rather than being reported back to Apple. Russell Brandom of The Verge commented that the reward offered in Apple's bug-bounty program maxes out at $200,000, "just a fraction of the millions that are regularly spent for iOS exploits on the black market". He goes on to ask why Apple doesn't "spend its way out of security vulnerabilities?", but also writes that "as soon as [the Pegasus] vulnerabilities were reported, Apple patched them—but there are plenty of other bugs left. While spyware companies see an exploit purchase as a one-time payout for years of access, Apple's bounty has to be paid out every time a new vulnerability pops up."


Brandom also wrote; "The same researchers participating in Apple's bug bounty could make more money selling the same finds to an exploit broker." He concluded the article by writing; "It's hard to say how much damage might have been caused if Mansoor had clicked on the spyware link... The hope is that, when the next researcher finds the next bug, that thought matters more than the money."[210]

Complaints[edit]

WhatsApp[edit]

On 20 October 2019, Meta Platforms Inc.’s WhatsApp filed a lawsuit against Israel's NSO Group for exploiting a bug in its WhatsApp messaging app to install spyware (Pegasus) that allowed the surveillance of 1400 people in 20 countries, including journalists, human rights activists, political dissidents and diplomats.[211] WhatsApp said it was seeking a permanent demand to block NSO from using its service, and asked lawmakers to bar the use of cyberweapons like those NSO Group has sold to governments. On 9 January 2023, the Supreme Court of the United States denied the appeal of NSO of the lower court's decision to continue the lawsuit and allowed WhatsApp to pursue its lawsuit against Israel's NSO Group.[212]

Apple[edit]

On 23 November 2021, Apple announced that it has filed a lawsuit against Israeli cyber company NSO Group and its parent company OSY Technologies for allegedly surveillance and targeting iPhone users with its Pegasus spyware. Apple stated that contrary to NSO's claim of targeting terrorists and criminals, this spyware has also been used against activists, politicians, and journalists.[213] Apple's statement said the company is seeking a permanent injunction to bar NSO Group from using Apple's software, services, or devices to prevent further abuse and harm to users.[214]

DROPOUTJEEP

Hermit (spyware)

IMSI-catcher

List of spyware programs

RCSAndroid from

Hacking Team

Richard, Laurent; Rigaud, Sandrine (2023). Pegasus: how a spy in your pocket threatens the end of privacy, dignity, and democracy (First ed.). New York: Henry Holt and Company.  9781250858696.

ISBN

Kaster, Sean D.; Ensign, Prescott C. (December 2022). . Thunderbird International Business Review. 65 (3): 355–364. doi:10.1002/tie.22321. S2CID 254212426.

"Privatized espionage: NSO Group Technologies and its Pegasus spyware"

Rudie, JD; Katz, Zach; Kuhbander, Sam; Bhunia, Suman (2021). "Technical Analysis of the NSO Group's Pegasus Spyware". 2021 International Conference on Computational Science and Computational Intelligence (CSCI). pp. 747–752. :10.1109/CSCI54926.2021.00188. ISBN 978-1-6654-5841-2. S2CID 249929111.

doi

Chawla, Ajay (July 21, 2021). "Pegasus Spyware – 'A Privacy Killer'".  3890657.

SSRN

"Israel surveillance exports to survive Pegasus scandal". Emerald Expert Briefings. 2021. :10.1108/OXAN-DB263067. S2CID 241381239.

doi

Leander, Anna (March 2021). . Swiss Political Science Review. 27 (1): 205–213. doi:10.1111/spsr.12441. S2CID 233971106.

"Parsing Pegasus: An Infrastructural Approach to the Relationship between Technology and Swiss Security Politics"

Marczak, Bill; Anstis, Siena; Crete-Nishihata, Masashi; Scott-Railton, John; Deibert, Ron (January 28, 2020). Stopping the Press: New York Times Journalist Targeted by Saudi-linked Pegasus Spyware Operator. University of Toronto (Report). :1807/102557.

hdl

. PBS Frontline. January 3, 2023.

"Global Spyware Scandal: Exposing Pegasus"