FBI probes use of Israeli firm's spyware in personal and government hacks

The FBI is investigating the role of Israeli spyware vendor NSO Group Technologies in possible hacks on American residents and companies as well as suspected intelligence gathering on governments, according to four people familiar with the inquiry.

The probe was underway by 2017, when Federal Bureau of Investigation officials were trying to learn whether NSO obtained from American hackers any of the code it needed to infect smartphones, said one person interviewed by the FBI then and again last year.

NSO said it sells its spy software and technical support exclusively to governments and that those tools are to be used in pursuing suspected terrorists and other criminals. NSO has long maintained that its products cannot target U.S. phone numbers, though some cybersecurity experts have disputed that.

The FBI conducted more interviews with technology industry experts after Facebook filed a lawsuit in October accusing NSO itself of exploiting a flaw in Facebook’s WhatsApp messaging service to hack 1,400 users, according to two people who spoke with agents or Justice Department officials.

NSO said it was not aware of any inquiry.

“We have not been contacted by any U.S. law enforcement at all about any such matters,” NSO said in a statement provided by Mercury Public Affairs strategy firm. NSO did not answer additional questions about its employees conduct but previously said government customers are the ones who do the hacking.

A spokeswoman for the FBI said the agency “adheres to DOJ’s policy of neither confirming nor denying the existence of any investigation, so we wouldn’t be able to provide any further comment.”

Reuters could not determine which suspected hacking targets are the top concerns for investigators or what phase the probe is in. But the company is a focus, and a key issue is how involved it has been in specific hacks, the sources said.

Part of the FBI probe has been aimed at understanding NSO’s business operations and the technical assistance it offers customers, according to two sources familiar with the inquiry.

Suppliers of hacking tools could be prosecuted under the Computer Fraud and Abuse Act (CFAA) or the Wiretap Act, if they had enough knowledge of or involvement in improper use, said James Baker, general counsel at the FBI until January 2018.

The CFAA criminalizes unauthorized access to a computer or computer network, and the Wiretap Act prohibits use of a tool to intercept calls, texts or emails.

NSO is known in the cybersecurity world for its “Pegasus” software other tools that can be delivered in several ways. The software can capture everything on a phone, including the plain text of encrypted messages, and commandeer it to record audio.

A business strategy firm retained on behalf of Amazon.com Inc Chief Executive Jeff Bezos, FTI Consulting, said this month that NSO could have supplied the software it said Saudi Arabia used to hack Bezos’ iPhone.

The phone began sending out more data hours after it received a video from a WhatsApp account associated with Crown Prince Mohammed bin Salman, FTI said. Saudi Arabia called the FTI allegation “absurd,” and NSO said it was not involved. Other security experts said the data was inconclusive.

The FBI is investigating and has met with Bezos, a member of his team told Reuters. A Bezos spokesman did not respond to a request for comment.

FBI leaders have indicated that they are taking a hard line on spyware vendors.

At a briefing at FBI Washington headquarters in November, a senior cybersecurity official said that if Americans were being hacked, investigators would not distinguish between criminals and security companies working on behalf of government clients.

“Whether you do that as a company or you do that as an individual, it’s an illegal activity,” the official said.

In the counterintelligence aspect of the probe, the FBI is trying to learn if any U.S. or allied government officials have been hacked with NSO tools and which nations were behind those attacks, according to a Western official briefed on the investigation.

Outside of government, journalists, human rights activists and dissidents in several countries have been victims of attacks using NSO spyware, according to the University of Toronto’s Citizen Lab researchers.

In the past, NSO has denied involvement in some of those instances and declined to discuss others, citing client confidentiality requirements.

1 Like

Wouldn’t it be nice if the FBI conducted an investigation when normal everyday citizens got their accounts hacked? I’ve never seen anyone from any of the innumerable amount of companies go to prison, or even get investigated, as a result of these massive data breaches - the morons that control our credit rating couldn’t even keep their data secure and NOTHING happened other than that worthless free year of identity monitoring.

1 Like

Wait - an Israeli firm was making spyware that was used for nefarious purposes, gets caught, denies it, then claims to know nothing about anything? Shocking.

My prediction is that this goes nowhere. The FBI is the epitome of the deep state and they would never go after the people providing them the tools they use to illegally do their jobs.

The entire article is nothing but if, then, maybe, what if, and we’ll see.

The most logical answer is that one of our own LE or Intelligence agencies is doing the hacking and they are trying to deflect the blame by opening an investigation on a foreign company to cover it up.

That’s nothing but conspiracy nut BS.

Get your own material.

This history of our LE/Intel agencies, particularly recent history makes that the most logical possibility.

Why? Yours is effective. You were complaining about the article being completely made up…then you proceeded to make up what you think happened :ok_hand:

It’s effective because when I use it, it’s accurate. You lack the intellectual aptitude to either come up with your own material or to apply it.

What I said is completely accurate on both counts.

The released statements don’t indicate there’s any evidence to suggest this company is responsible and our own LE/Intel agencies have a long record of fabricating accusations and covering them with investigations.