Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Businesses Privacy

NSO Employee Abused Phone Hacking Tech To Target a Love Interest (vice.com) 21

An employee of controversial surveillance vendor NSO Group abused access to the company's powerful hacking technology to target a love interest, Motherboard reported Tuesday. From the report: The previously unreported news is a serious abuse of NSO's products, which are typically used by law enforcement and intelligence agencies. The episode also highlights that potent surveillance technology such as NSO's can ultimately be abused by the humans who have access to it. "There's not [a] real way to protect against it. The technical people will always have access," a former NSO employee aware of the incident told Motherboard.

A second former NSO employee confirmed the first source's account, another source familiar confirmed aspects of it, and a fourth source familiar with the company said an NSO employee abused the company's system. Motherboard granted multiple sources in this story anonymity to speak about sensitive NSO deliberations and to protect them from retaliation from the company. NSO sells a hacking product called Pegasus to government clients. With Pegasus, users can remotely break into fully up-to-date iPhone or Android devices with either an attack that requires the target to click on a malicious link once, or sometimes not even click on anything at all. Pegasus takes advantage of multiple so-called zero day exploits, which use vulnerabilities that manufacturers such as Apple are unaware of.

This discussion has been archived. No new comments can be posted.

NSO Employee Abused Phone Hacking Tech To Target a Love Interest

Comments Filter:
  • At first I thought it was a headline from 2012. But then I saw it's NSO not NSA. Otherwise the same.
  • Tech created for good used for evil? That never happens. /s
    • Tech created for good used for evil?

      Since when is love evil?

      If this was the plot of a rom-com everyone would be gushing about his commitment to their relationship, and what a cute couple they made.

      • Only on slashdot would the plot of a stalker movie be considered rom-com.

        • Only on slashdot would the plot of a stalker movie be considered rom-com.

          Many, if not most, rom-coms normalize stalking. "The Notebook", "While You Were Sleeping", "Sleepless in Seattle", "10 Things I Hate about You", "There's Something about Mary", "She's All That", "You've Got Mail", "About Time", and many more contain stalking elements. None of them portray it negatively.

    • It wasn't made for good, NSO makes spyware for phones.
      • Incorrect: Pegasus takes advantage of multiple so-called zero day exploits, which use vulnerabilities that manufacturers such as Apple are unaware of. Apple, Google and MS have so much money and contacts, they do indeed know about most zero days, but choose to do nothing about it, until it hits front page. The AV companies are paid off to whitelist sigs? It is a slap in the face that NSO has not been pushed out of business. If people liike Apple really cared, there would be honeypot versions of their OS o
      • But they make it for the police and other government agencies. If they weren't buying it and using it, NSO would not exist. Are you saying that your police are not the good guys? Do you mean the often trotted out mantra of "you have nothing to hide you have nothing to fear from mass surveillance is WRONG?"
        But hey, only the good guys (the police) have access to all that data. Well, them and the people who maintain the database, the people who discover that the password being used to secure all this deli
  • by mysidia ( 191772 ) on Tuesday April 28, 2020 @01:27PM (#60001276)

    Onwards with the plan to ban strong end-to-end encryption / have government-mandated backdoors in cryptography of messaging apps.

  • When someone has access that can be abused, make sure they know that abuse can be detected after the fact and if they are caught abusing it, there will be consequences.

    Accountability keeps honest people honest and makes it harder for a dishonest person to get away with it.

    Good hiring goes a long way to keeping less-than-honest people from having access in the first place.

    These aren't foolproof, but they help a lot.

    • Sure, but all it takes is one asshole.

      Then we have the police officer who lodged a complaint that he was being victimised for being punished for looking up details of his ex girlfriends new boyfriend. When asked why he felt he was being victimised he said, "everyone does it, why am I being punished".
      So there we have lots of assholes and one idiot.

      Mass surveillance of everyone "in case it's needed" and the empty promise that it will "only be used for good" and if you "have nothing to hide, you have not
  • Give us the name of the targeted woman and we will use crowd-sourcing to check on her. Access to cameras inside her house would also greatly improve our ability to make sure she's safe.

  • by Sebby ( 238625 ) on Tuesday April 28, 2020 @02:28PM (#60001450)

    The previously unreported news is a serious abuse of NSO's products

    Putting the fact that any use of any of NSO's products is abuse, I don't see how this one is "serious" more than anything else that's been previously reported.

    I mean, were other uses "funny" or "humorous" uses of NSO's privacy invasive products?

    • by Jarwulf ( 530523 )
      He targeted only one person instead of thousands like it was designed for and thats just wrong.
  • The NSO group is nothing but a bunch of cyber terrorists and you can't convince me otherwise. The founders and every employee can lick the inside of my asshole. Burn them all. Along with any agency/person that purchased their services.
    • by cusco ( 717999 )

      Motherboard granted multiple sources in this story anonymity

      Interesting how many backstabbers there are in the company willing to talk.

  • Given that its used to hijack federally critical national infrastructure, how is it considered legal?

  • Of course there are ways to protect against abuse by the technical people who create the product. It might be expensive, but possible. Look at banking products - are the people working on those product in a position to have unlimited money? Can the guys who work on money printing presses just print themselves cash? Of course not, there are checks and balances combined with very severe consequences for abusing the system (notice for example that consequences for counterfeiting money are often more severe th

  • This is predatory behaviour. It's not a "love interest", it's a potential rape victim being harassed and stalked. If they can't respect simple boundaries like "don't break into my phone and surveil my every thought, message, and online activity" can they be trusted to respect literally any other boundary at all, ever? This isn't love, and calling it a "love interest" downplays the harm done to this particular individual, as well as victims of online surveillance and harassment everywhere.

As you will see, I told them, in no uncertain terms, to see Figure one. -- Dave "First Strike" Pare

Working...