European Parliament reveals the controversial facts about the functioning of NSO Group
We all are very well aware of the fact that the journey of Israeli’s notorious spyware firm NSO Group has always been controversial. In the past, the NSO group was in news for selling its tools to government entities. NSO says it only sells its services and tools to law enforcement and intelligence agencies and also takes steps to control exploitation. Its secret functioning has always intrigued the researchers.
NSO Group is made up of over 30 subsidiaries and units — with names like CS-Circles Solutions and Westbridge Technologies — across Israel, UAE, Saudi Arabia, Luxembourg, Cyprus, Bulgaria, the United States, Hong Kong, and the United Kingdom.
On 18th April 2022, the citizen lab and Catalan Civil society group recognized at least 65 individuals targeted with Pegasus Spyware and Candiru. This hacking campaign was operated against the members of the European parliament, Catalan Presidents, legislators, jurists, and members of civil society organizations. The Lab also identified the evidence of HOMEAGE, (a previously-undisclosed IOS zero-click vulnerability used by the NSO group that was effective against some versions prior to 13.2.
In 2019, WhatsApp identified patched CVE-2019–3568, a vulnerability exploited by NSO Group to hack Android Phones around the world with Pegasus. It was notified that 1,400 users including members of civil society and political figures in Catalonia, Spain were targeted by the exploit. After 1 year in 2020, this case was first reported by ‘The Guardian’. Following these reports, the Citizen Lab with Civil Society Organizations undertook a large-scale investigation into Pegasus hacking in Spain. It was recognized that the systems of the victims were infected with the installation of the device.
In 2021, Two Jordanian Journalists, Suhair Jaradat (a freelance columnist for media outlets including the London-based Arabic news website ‘Today’s Opinion’) and Second who also worked as Human right activist was targeted by Pegasus spyware. According to the journalist’s report, Jaradat’s phone was infected with Pegasus spyware on at least six separate Occasions, also the phone of the second journalist was infected at least twice in 2021.
Very recently on April 19, EU Parliament launched an inquiry committee regarding the usage of the Pegasus spyware tool of the NSO group, by government authorities across the World. The inquiry revealed that the spyware is widespread in European Nation and has been used against some of the bloc’s well-known leaders, including Pedro Sánchez (Prime Minister of Spain) and political groups in Spain, Poland, and Hungary.
According to the inquiry Documents, BRG — Berkley Research Group (new owner of NSO Group Since 2021) informed members of the European parliament that NSO group’s founders Shalev Hulio and Omri Lavie, as well as its former owner Novalpina, are discomforting their efforts to examine and modification of the corporation.
However, ownership records obtained by Politico indicated that BRG took control over Novalpina, and through it NSO Group in July 2021. The ownership Documents manifested that it has made many appointments inside the commercial structure since its management.
BRG stated in the documents that it is facing legal action in Luxembourg and London from former owner Novalpina, Who claims irregularities in its takeover of NSO Group.
NSO Group has always been seen as a notorious hacking group, but the reality is that it is not alone in fact; there are more similar firms whose work model is similar to NSO Group.
