Disgruntled programmer accused of trying to sell his firm’s iPhone spyware for $50 million
So you recognize that insider threats are a considerable risk inside your company? Just imagine how serious those threats are for a business that designs mobile spyware for helping law enforcement and intelligence agencies spy on “people of interest,”
NSO Group is a firm that, in its own words, provides “authorized governments with technology that helps them combat terror and crime.”
The most notorious products sold by the Israeli tech firm are spyware kits that exploit unpatched iOS vulnerabilities, allowing intelligence agencies to remotely snoop upon the communications and locations of targeted iPhones. The malware can typically be installed just by tricking a user into clicking on a link sent to them via a text.
It is NSO’s spyware that is thought to have been used in attacks against human rights activist Ahmed Mansoor (recently sentenced to 10 years in jail) in the United Arab Emirates as well as in surveillance campaigns against Mexican journalists, politicians, and legislators.
NSO Group told Forbes two years ago that it only sold its spyware software to “authorized governmental agencies, and fully complies with strict export control laws and regulations.” But it’s easy to imagine how there might be plenty of authoritarian regimes around the world that might be very interested in knowing what is on certain people’s iPhones.
So, you would like to think that NSO Group takes its own security very seriously… but they’ve just discovered that it’s difficult to eliminate the threat posed by rogue insiders.
Israeli media have uncovered an indictment that details how an employee allegedly stole NSO Group’s spyware code and attempted to steal it for a third party for $50 million.
According to reports, NSO Group summoned a 38-year-old lead programmer to an internal disciplinary meeting on April 29, 2018, as the firm (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Graham Cluley. Read the original post at: https://www.tripwire.com/state-of-security/featured/disgruntled-programmer-accused-of-trying-to-sell-his-firms-iphone-spyware-for-50-million/
