Editor's Сhoice
April 26, 2020
© Photo: Pixabay.com
Lawsuit reveals extent of Israeli spyware company’s U.S. operation

Michael ARRIA

In 2019, nearly 1,400 WhatsApp users were hacked with a number human rights advocates and journalists targeted. The attack was allegedly the work the NSO Group, an Israeli spyware company.

Last October, Facebook (which owns WhatsApp) sued NSO over the breach, claiming that the company was unable to break Facebook’s encryption, but infected the phones of many users. NSO denied the claims. “The sole purpose of NSO is to provide technology to licensed government intelligence and law enforcement agencies to help them fight terrorism and serious crime,” the company said in a statement at the time, “Our technology is not designed or licensed for use against human rights activists and journalists. We consider any other use of our products than to prevent serious crime and terrorism a misuse, which is contractually prohibited. We take action if we detect any misuse.” NSO has tried to get the case dismissed, arguing that a California court has no jurisdiction in the matter, as its customers aren’t based in the U.S.

However, in this week’s court proceedings Facebook attorneys demonstrated how the company purchased server space in the United States. Forbes’s Thomas Brewster reports that NSO had a contract with California-based QuadraNet and used its server over 700 times during the attack. “Facebook’s lawyers then revealed a handful of subdomains – sip.nsogroup.com, sip.qtechnologies.com, and sip.2access.xyz – that were all hosted on IP address Amazon servers from at least January 2, 2019, through at least November 24, 2019, which encompassed the dates of the attacks,” writes Brewster.

Amnesty International, and other human rights groups, have also been working on legal action to have Israel revoke the export license of NSO. “NSO continues to profit from its spyware being used to commit abuses against activists across the world and the Israeli government has stood by and watched it happen,” said Deputy Director of Amnesty Tech Danna Ingleton earlier this year, “The best way to stop NSO’s powerful spyware products reaching repressive governments is to revoke the company’s export license, and that is exactly what this legal case seeks to do.”

Last month, Israeli Minister of Defense Naftali Bennett publicly celebrated the fact that the Israeli military had worked with NSO in developing a system to give each citizen a score for determining their chance of getting COVID-19.

mondoweiss.net

The views of individual contributors do not necessarily represent those of the Strategic Culture Foundation.
Facebook Says Israeli Spyware Company Ran Vast Hacking Operation in the United States
Lawsuit reveals extent of Israeli spyware company’s U.S. operation

Michael ARRIA

In 2019, nearly 1,400 WhatsApp users were hacked with a number human rights advocates and journalists targeted. The attack was allegedly the work the NSO Group, an Israeli spyware company.

Last October, Facebook (which owns WhatsApp) sued NSO over the breach, claiming that the company was unable to break Facebook’s encryption, but infected the phones of many users. NSO denied the claims. “The sole purpose of NSO is to provide technology to licensed government intelligence and law enforcement agencies to help them fight terrorism and serious crime,” the company said in a statement at the time, “Our technology is not designed or licensed for use against human rights activists and journalists. We consider any other use of our products than to prevent serious crime and terrorism a misuse, which is contractually prohibited. We take action if we detect any misuse.” NSO has tried to get the case dismissed, arguing that a California court has no jurisdiction in the matter, as its customers aren’t based in the U.S.

However, in this week’s court proceedings Facebook attorneys demonstrated how the company purchased server space in the United States. Forbes’s Thomas Brewster reports that NSO had a contract with California-based QuadraNet and used its server over 700 times during the attack. “Facebook’s lawyers then revealed a handful of subdomains – sip.nsogroup.com, sip.qtechnologies.com, and sip.2access.xyz – that were all hosted on IP address Amazon servers from at least January 2, 2019, through at least November 24, 2019, which encompassed the dates of the attacks,” writes Brewster.

Amnesty International, and other human rights groups, have also been working on legal action to have Israel revoke the export license of NSO. “NSO continues to profit from its spyware being used to commit abuses against activists across the world and the Israeli government has stood by and watched it happen,” said Deputy Director of Amnesty Tech Danna Ingleton earlier this year, “The best way to stop NSO’s powerful spyware products reaching repressive governments is to revoke the company’s export license, and that is exactly what this legal case seeks to do.”

Last month, Israeli Minister of Defense Naftali Bennett publicly celebrated the fact that the Israeli military had worked with NSO in developing a system to give each citizen a score for determining their chance of getting COVID-19.

mondoweiss.net