A former NSO employee is caught selling spyware on $50M

Share this…

An NSO Group ex employee, one of the most powerful hacking companies in the world, has been arrested and charged for stealing company’s phone hack tools and trying to sell it for $50M on the dark web.

The Israeli computer piracy firm NSO Group is primarily known for selling high-tech malware capable of remotely connecting Apple computers and Android-operating devices to intelligence agencies, armed forces and law enforcement agencies all over the world.

The company has recently become victim of an internal abuse attack carried out by a former 38-year-old employee who stole the most powerful spyware agent from the company called Pegasus and tried to sell it for $50M in the darkweb, asking for payment in several cryptocurrencies assets, including Monero and Zcash, as reported by pentest experts from the International Institute of Cyber Security.

This is a much higher price than the one allocated by NSO Group to Pegasusspyware, which reportedly sells for less than 1 million per project.

According to pentest spetialists, Pegasus is the same spyware used to attack Human Rights activist Ahmed Mansoor in the United Arab Emirates in the mid-2016.

Pegasus is capable of remotely hacking mobile phones, allowing the hacker to access a huge amount of data about the victim, including text messages, dates marked on his calendar, emails, WhatsApp messages, location, microphone and camera, all without the victim’s knowledge.

According to an accusation filed by Israel general attorney, the former employee worked in NSO’s quality control department, and after realizing that he was going to lose his job, he copied the code from the NSO networks to an external hard drive after he disabled McAfee security software on his PC.

After his removal, the defendant contacted an unidentified individual through the dark web, introducing himself as a member of a team of hackers who had successfully entered NSO’s internal net and attempted to sell the hard drive containing the spyware code for $50M.

Ironically, the buyer was the one who informed the company about the filtered software and its sale in darkweb.

NSO Group mentioned having quickly detected the violation and the unidentified suspect, as well as establishing contact with the authorities, adding that no material was shared with any third party and that no data or information was compromised from its clients according to their pentest.

The suspect was arrested on 5 June and the stolen software was secured. The defendant now faces a process for selling security tools without proper licensing, employee theft, and attempted damage to the property in a manner that could damage State security.

With 500 employees and a value of $900M, NSO Group has established a billion-dollar agreement with the American software company Verint Systems that is ready to merge its security division with NSO.