Click for homepage
NSO Group
NSO Group, commonly abbreviated NSO, is an Israeli developer and supplier of cyber surveillance software, based in Herzliya (near Tel Aviv, Israel). The company develops sophisticated hi-tech spy software to target a range of communications equipment, such as telephone exchanges and mobile phones, including Apple's iPhone, and supplies it to governments and law enforcement agencies in ~ 40 countries. 1 Among NSO's customers are regimes of questionable reputation.

NSO is named after the initials of Niv Carmi, Shalev Hulio and Omri Lavie – all former members of Unit 8200 of the Israeli Intelligence Corps – who founded the company in 2010. The company was a subsidary of Q Cyber Technologies. In 2017 it employed nearly 500 people, a 10-fold increase over 2014, whilst the turnover rose from US$ 40 million in 2013 to US$ 150 million in 2015. Since May 2023, NSO is owned by the Luxembourg-based holding firm Dufresne Holdings, which in turn is controlled by NSO co-founder Omri Lavie [14]. 2

According to NSO, the company supplies its products to approx. 60 military, law enforcement and intelligence agencies in 40 unnamed countries, 1 and claims that it rigorously vets their human rights records before allowing them to use its tools. In addition, the Israeli Ministry of Defence conducts its own analysis from a human rights perspective, before issueing an export license [8].

  1. Source: NSO Report [8]. The Citizen Lab has identified 45 countries [9].
  2. Dufresne Holdings is the sole shareholder of NSA parent company NorthPole.

NSO products on this website
Pegasus spyware for eavesdropping an Android and iOS devices
On 1 August 2018, human rights group Amnesty International accused NSO of helping the Saudi Government spy on a member of its staff [2]. In October 2018, The Citizen Lab reported that they were being targeted by undercover operatives connected to NSO, at a time when Citizen Lab was investigating the use of NSO's Pegasus Spyware against a journalist's mobile phone [3]. It is widely speculated that the Pegasus Spyware played a key role in the murder of Saudi dissident Jamal Kashoggi by agents of the Saudi Government a few days later.

In October 2019, NSO was sued by instant messaging company WhatsApp and its parent company Face­book under the US Computer Fraud and Abuse Act (CFAA).

In December 2020, The Citizen Lab revealed that the iPhones of at least 36 journalists, and other operatives of Al Jazeera and Al Arab TV had been hacked by means of NSO's Pegasus spyware, using weaknesses in iMessage and iOS [10]. As it was a so-called zero-click exploit, it required no action from the user. The weaknesses were subsequently fixed by Apple in iOS 14.

In July 2021, Amesty International and Forbidden Stories revealed in the Pegasus Project, that NSO's Pegasus spyware was used by various regimes to eavesdrop on the communications of civil rights activists, lawers, dissidents, journalist, politicians and others [4]. NSO strongly denied the allegations through its website, and has since refused to speak with the press [5]. In a response, Amnesty repeated that it stands by the results of its Pegasus Project investigation [6].

In September 2021, The Citizen Lab discovered that NSO had changed the attack vector of its Pegasus spyware, and had been able to hack into iPhones again since at least February 2021 – again through iMessage – using a weakness in Apple's CoreGraphics library [11]. A week later, Apple released a security update for its iOS and MacOS products that fixed the weakness [12].

In May 2022, The European Union released an interesting and alarming report about the use of spyware within the European Union [13]. Although the report lists a large number of spyware titles, it mainly focusses on NSO products, such as Pegasus and Candiru, which are both used by and against European member states and individuals.

In September 2023, the attack vector of Apple's iPhone was changed once more, and new exploits – again based on an iMessage vulnerability – were reported by Citizen Lab. Within days, Apple released software updates for its products [15].

  1. Wikipedia, NSO Group
    Retrieved July 2021.

  2. Amnesty International, Amnesty International among targets of NSO-powered campaign
    1 August 2018. Updated 1 October 2018.

  3. Raphael Satter, Undercover agents target cybersecurity watchdog
    The Seattle Times (via AP News). New York, 25 January 2019.

  4. Amnesty International, Pegasus Project: Apple iPhones compromised by NSO spyware
    19 July 2021.

  5. NSO Website, Enough is Enough
    21 July 2021. Visited 26 July 2021

  6. Amnesty International, Amnesty categorically stands by Pegasus Project data set
    22 July 2021.

  7. Wikipedia, Pegasus (spyware)
    Retrieved July 2021.

  8. NSO Group, Transparency and Responsibility Report 2021
    30 June 2021. Retrieved July 2021.

  9. Bill Marczak, John Scott-Railton, Sarah McKune, Bahr Abdul Razzak and Ron Deibert, Hide and Seek — Tracking NSO Group's Pegasus Spyware to Operations in 45 Countries
    18 September 2018.

  10. The Citizen Lab, The Great iPwn
    Bill Marczak, John Scott-Railton, Noura Al-Jizawi, Siena Anstis and Ron Deibert.
    20 December 2020.

  11. FORCEDENTRY, NSO Group iMessage Zero-Click Exploit Captured in the Wild
    Bill Marczak, John Scott-Railton, Bahr Abdul Razzak, Noura Al-Jizawi, Siena Anstis, Kristen Berdan and Ron Deibert. 13 September 2021.

  12. Apple, About the security content of Security Update 2021-005 Catalina
    13 September 2021.

  13. European Union, Pegasus and surveillance spyware
    In-depth analysis for the PEGASUS committee. Policy Department for Citizens' Rights and Constitutional Affairs, Directorate-General for Internal Policies. PE 732.268, May 2022.

  14. Jessica Lyons Hardcastle,
    Pegasus-pusher NSO gets new owner keen on the commercial spyware biz

    The Register, 30 May 2023.

  15. Richard Speed, Apple races to patch the latest zero-day iPhone exploit
    The Register, 8 September 2023.
Further information
Any links shown in red are currently unavailable. If you like the information on this website, why not make a donation?
Crypto Museum. Created: Saturday 26 June 2021. Last changed: Monday, 11 September 2023 - 11:09 CET.
Click for homepage