NSO Spyware 'Targets Big Tech Cloud Services'

The Israeli company whose spyware hacked WhatsApp has told buyers its technology can surreptitiously scrape all of an individual's data from the servers of Apple, Google, Facebook, Amazon and Microsoft, Financial Times reported on Friday. [Editor's note: the link may be paywalled; alternative source] From the report: NSO Group's flagship smartphone malware, nicknamed Pegasus, has for years been used by spy agencies and governments to harvest data from targeted individuals' smartphones. But it has now evolved to capture the much greater trove of information stored beyond the phone in the cloud, such as a full history of a target's location data, archived messages or photos, according to people who shared documents with the Financial Times and described a recent product demonstration. The documents raise difficult questions for Silicon Valley's technology giants, which are trusted by billions of users to keep critical personal information, corporate secrets and medical records safe from potential hackers. NSO denied promoting hacking or mass-surveillance tools for cloud services. However, it did not specifically deny that it had developed the capability described in the documents.

We believe you ...

[schwit1]

"The company maintains that its software is only sold to responsible governments to help foil terrorist attacks and crimes."

'responsible governments' sounds like an oxymoron.

Misleading summary

[joh]

This seems to work by the malware on the phone capturing login data, sending this out and then a server elsewhere basically cloning the phone and syncing all data as if it were another device of the user. This doesn't add much over having malware running on your phone in the first place. As soon as your device is compromised you're screwed anyway.

Re:

[Ryzilynt]

This seems to work by the malware on the phone capturing login data, sending this out and then a server elsewhere basically cloning the phone and syncing all data as if it were another device of the user. This doesn't add much over having malware running on your phone in the first place. As soon as your device is compromised you're screwed anyway.

That is exactly what the article says.

But I do not think the title is misleading because the article goes on to explain that this is exactly how the malicious actor will then be able to gain access to all of your cloud data in addition to the data available directly on or through your phone.

Control

[fluffernutter]

This is why I will have an iPhone. Too much functionality relies on going through the cloud.

Re:

[fluffernutter]

will not* have an iPhone

Re:

[tolydude]

What do you propose as an alternative for an iPhone.

Re:

[fluffernutter]

Any phone that allows you to copy files straight from your desktop over USB and use them with any app on the phone.

Re:

[amorsen]

I haven't owned a iPhone since the 3G, but if my threat model involved a state-level adversary, I would pick those over the alternatives. I would still expect to lose, of course.

Android is a security nightmare, particularly if you are on a non-Google phone.

Re:

[fluffernutter]

Android is only a security nightmare if you install dumb stuff. Sure, personal accountability is required.

Re:

[fluffernutter]

I'd rather make the choice than have it made for me. That's what you do with children.

It won't be long before ...

[CaptainDork]

... the margins on sales of data will be so thin that civilians will have access, much line DNA data.

Nice.

[Gravis Zero]

NSO denied promoting hacking or mass-surveillance tools for cloud services. However, it did not specifically deny that it had developed the capability described in the documents.

Because charging by the individual is far more profitable. Nice.