US Investors Sniffing Around Blacklisted NSO Group Assets

  /     /     /  
Publicated : 23/11/2024   Category : security


US Investors Sniffing Around Blacklisted NSO Group Assets


Pressure mounts on the NSO Groups business viability as Khashoggi widow joins group of plaintiffs suing the Israeli firm for Pegasus spyware abuse.



NSO Group is facing a number of existential crises at the moment, and it appears theres a group of enterprising investors — including, reportedly, a Wrigley chewing gum magnate — ready to take advantage, lassoing control of arguably the most destructive and powerful spyware tool known to-date, i.e., Pegasus.
The Israeli firm was blacklisted by the US government in November 2021 for creating and selling its powerful zero-click
spyware tool Pegasus
, which has been used by its customers to target and track government officials, human rights workers, journalists, activists, academics, embassy workers, and businesspeople across the world. 
The designation placed severe restrictions on the firms ability to operate by banning any transfer of US technology to NSO Group. Then, in December 2021
NSO Groups spyware
was found on the phones of at least nine US State Department employees, which didnt help thaw the firms relationship with Biden administration either.
Theres also the problem of the mounting number of lawsuits.
A new lawsuit filed by Hanan Elatr, widow of murdered Washington Post journalist Jamal Khashoggi,
accuses NSO Groups Pegasus spyware
of violating US hacking laws to track the couple leading up to the
2018 killing
of the vocal Saudi dissident.
Elatr says in the lawsuit that the
Pegasus spyware
caused her immense harm, both through the tragic loss of her husband and through her own loss of safety, privacy, and autonomy, as well as the loss of her financial stability and career.
In addition to Elatr, there are other, far more deep-pocketed legal foes for NSO Group to worry about.
Apple filed suit
in November 2021 against the organization for targeting its users with Pegasus spyware (
attacks that are ongoing
). And in January, the US Supreme Court denied a petition to block a suit to proceed against NSO Group filed by Meta-owned WhatsApp for
spyware damages
.
Despite the legal, business, and brand challenges, NSO Group reportedly continued to hone and improve Pegasus spyware. A recent report from research organization Citizen Lab, which has been at the forefront of working to
expose Pegasus abuse
, said it discovered at least three new exploit chains against human rights activists as recently as 2022.
Perhaps because of that, investors have begun to sniff out a potential opportunity. Reportedly, a motley gang of investors including Robert Simonds, a US investor whose background includes producing Adam Sandler movies, and his buddy, cannabis industry investor and chewing-gum fortune heir William Beau Wrigley, are looking at
buying up NSO Groups assets
, according to new reporting from The Guardian.
The report adds a spokesperson for Wrigley denied he is in discussions to buy NSO Group assets, while a source close to Simonds said he was deep in talks about a sale but aware it would be a steep climb to get the deal done. 
Placing such powerful surveillance technology in the hands of individuals who may not have deep expertise in the cyber industry or a history of involvement in the sector raises questions about the potential ramifications, Callie Guenther, cyber threat research manager with Critical Start tells Dark Reading about the potential NSO sell-off. It is essential to ensure that any potential acquirer of NSOs assets possesses the necessary expertise to handle the technology responsibly, maintain appropriate safeguards, and prevent potential misuse.
It should be noted that other attempts at buying control of Pegasus havent worked out. Last year L3Harris, an American company and US defense contractor was looking into a possible purchase of NSO Groups technology, but the White House objected over serious counter-intelligence and security concerns, the Guardian added.
Then there is the Israeli government, which closely regulates NSO Group and could potentially intervene in any sell off of its technology, the Guardian points out.
NSO operates under close regulation by Israels Ministry of Defense, and any potential sale of its assets would likely face scrutiny from Israeli authorities, Guenther says. It remains to be seen how such a transaction could proceed and whether it would comply with relevant regulatory requirements and national security considerations.
Perhaps theres a pot-sweetener here though: The Guardian added a juicy rumor to its reporting that Simonds has privately pledged to hand over the surveillance technology to the so called Five Eyes alliance between the intelligence agencies of Australia, Canada, New Zealand, the UK, and the US.
Even so, a pledge is not a guarantee. Guenther outlines a number of potential problems with NSO Groups assets falling into the wrong hands, including giving the new owners the power to improve upon its existing capabilities for exploitation, targeting, as well as slow down future potential vulnerability disclosures.
The acquisition could impact the overall cyber threat landscape. If NSOs spyware technology becomes more accessible or proliferates in unauthorized hands, it could lead to an increase in targeted attacks, surveillance activities, and potential abuse, Guenther warns. This would necessitate heightened vigilance and strengthened defensive measures from organizations, governments, and cybersecurity communities to mitigate the associated risks.
Many may question the power a tool like Pegasus could have when flying on behalf of someone rich enough to buy it, but the true value of NSO Group, and its dominance in the spyware space, might have already peaked.
JT Keating, senior vice president of mobile security firm Zimperium, explained to Dark Reading that the trend is decidedly moving toward open source spyware, making the surveillance tools available to almost anyone and driving down the value of NSOs proprietary Pegasus product.
Spyware is now mainstream, including the shift from sole reliance on the Dark Web for distribution to seeing the same kits and tools being found on online repositories like GitHub or online communities like Reddit, Keating says. Regardless of what happens to organizations like NSO, mobile spyware will only continue to proliferate.
Meanwhile though, the squeeze on NSO Groups business continues.

Last News

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
US Investors Sniffing Around Blacklisted NSO Group Assets