Slashdot Mirror
An Employee of NSO Group, Which Sells Powerful Spyware, Allegedly Stole Company's Tools For Personal Profit (vice.com)
Joseph Cox, reporting for Motherboard: NSO Group sells some of the most potent, off-the-shelf malware for remotely breaking into smartphones. Some versions allow a law enforcement or intelligence agency to steal essentially all meaningful data from an iPhone with no interaction from the target. Others just require the victim to click one link in a carefully crafted text message, before giving up their contacts, emails, social media messages, GPS location, and much more. NSO only sells its tools to government agencies, but a newly released, explosive indictment alleges that a company employee stole NSO's spyware product, dubbed Pegasus, and tried to sell it to non-authorized parties for $50 million worth of cryptocurrency.
These capabilities "are estimated at hundreds of millions of [US] dollars," a translated version of the indictment reads. Several Israeli outlets were the first to report on and upload the indictment. The news shows a danger often highlighted by critics of the malware industry: that hacking tools or exploits typically reserved for law enforcement or intelligence agencies may fall into other hands. Omri Lavie, the co-founder of NSO, told Motherboard in an online chat "no comment."
These capabilities "are estimated at hundreds of millions of [US] dollars," a translated version of the indictment reads. Several Israeli outlets were the first to report on and upload the indictment. The news shows a danger often highlighted by critics of the malware industry: that hacking tools or exploits typically reserved for law enforcement or intelligence agencies may fall into other hands. Omri Lavie, the co-founder of NSO, told Motherboard in an online chat "no comment."
What goes around comes around?
Employees of a scummy company are also scum. News at 11.
magic beans?!
The reality is, there is little difference between the commercial people who are selling to law enforcement, and black hats. To my mind, the companies selling this are already black hats.
So, yeah, you have a shady business selling things to break into other people's stuff. Don't be surprised that some of the shady people who work for your shady business do shady things.
I'm afraid I have no sympathy for this company or any company who makes this shit.
Boo fucking hoo, your super secret hacking tools got stolen by one of your staff. I hope they get used against you and your country.
Hmm, nothing to worry about. The M$50 is now only M$1 and falling. SO pretty soon, the malware will be worthless and then nobody will use it.
Breaking news: thieving tools stolen!
In a move that stunned nobody, a thief stole from crime lord. The crime lord in question sold thieving tools to corrupt governments to spy on their citizens. When business took off, the crime lord hired a local thug. When the crime lord looked the other way, the thief left with all of the inventory! The crime lord took to the courts and explained his plight.
When the courts laughed in his face, he threatened to expose the moral bankrupcy of several national institutions. Soon after, an attorney general helped him rewrite his complaint, not mentioning ordinary theft but rather calling it "industrial spionage" and was thus able to spend the taxes of citizens to spy on them. The crime lord himself told Motherboard in an online chat "no comment."
8 of 13 people found this answer helpful. Did you?
Hacking tools or exploits typically reserved for law enforcement or intelligence agencies ABSOLUTELY WILL WITHOUT FAIL fall into "other" hands.
There is a financial breaking point for everyone where they will sell out and give you anything you want from them.
No matter how rich you are, no matter how moral or ethical you are, the vast majority of people will cave in eventually once the price is high enough.
For this reason alone, I laugh when Government and LE types try to claim there is no way such secrets can ever fall into the wrong hands.
People are, and have always been, the weakest link in the chain.
And thus the proof to the argument that if a backdoor or entry method exists for the authorities, it will get out to the criminals. Someone considered 'trustworthy' will have a price. or will be greedy or disgruntled.
And all security is then nullified.
I'm too lazy to compose a creative sig.
The police are so effective at keeping you safe that you really believe that they're the crooks. You're so fat, dumb and comfortable that you really don't believe that evil people exist.
No, fuckface, the "morally bankrupt" institutions are the ones who have made your world so safe that you can bitch about them. They're composed of people so dedicated to your liberties that they cherish living in a place with such strong protection of freedoms that you can bitch about the security apparatus.
And you, you're so fat and comfortable that you really would support the crooks because you've been told to be mad about the FBI. Naive fool.
Anybody using exploits to get into phones without users' permission is a criminal.
You forget the de-facto First Law of Authoritarianism: Anything done by the authorities is not a crime. Unless it targets higher authorities.
--- Most topics have many sides worth arguing, allow me to take one opposite you.
The sentence reads as if these are the most off-the-shelf and potent malware. That bugs me. The bad guys already have plenty of exploits, and most users don't even do the most basic things for security.
For example, we know we shouldn't re-use passwords, we know the password we always use is probably in a data dump somewhere, but we keep using it. The number one most important security thing we can all do is have well-tested off site backups. (Think cryptolocker etc, and rootkit / malware recovery). When is the last time you tested yours? Yeah me too.
Most of us are pretty easy targets.
Wait, since using the tools is illegal by anybody except the government then the monetary value must be zero.
It seems when a backdoor to iOS appears, Apple takes it sweet time in closing it......while opening yet another backdoor which has not yet been publicly discovered. That's what it looks like from 5 miles up.
The criminals are the ones requesting the backdoor. The others are merely opportunists.
Don't fight for your country, if your country does not fight for you.
NSO Group is an Israeli company.
I'm sure it's safe to assume the code hasn't been contained. Someone else has copies.
The news shows a danger often highlighted by critics of the malware industry: that hacking tools or exploits typically reserved for law enforcement or intelligence agencies may fall into other hands.
Tools are tools; they are used by whoever uses them for whatever purpose they intend to use them for.
Americans are smart enough to understand that if you outlaw guns, only outlaws will have guns.
Export laws once considered strong cryptography to be munitions.
Do we need to consider "hacking tools" to be arms, also covered by the 2nd amendment?
The criminals are the ones requesting the backdoor.
No, the criminals are the ones breaking the law.
The others are merely opportunists.
Only if said opportunity is not illegal.
Problem 1) This opportunity, stealing illegal tools, is itself a crime
Problem 2) Creating and using such tools for the vast majority of people is also a crime.
Problem 3) The fact the government is a customer and so changed the laws so it is not a crime for this company, makes it legal. Yes, this is a problem.
I have never witnessed a finer b*tch-slap win on the internet!
Bravo, fine sir!
Heaven forbid Slashdot should actually include some pertinent information in the summary to justify the headline...
systemd is Roko's Basilisk.
"you little STALKING whacko"
Potty pot, meet crazy kettle.