Sunday, December 3, 2023

Facebook Secretly Tried to Buy Pegasus Spyware From NSO Group to Monitor Apple Users Activities & Access Data

NSO Group CEO Shalev Hulio Claim that Facebook tried to buy a Pegasus Spyware to monitor better their users especially access to the Apple user’s data and their activities.

Pegasus is a powerful commercial spyware developed by Israel based spyware maker NSO group, also known as Q cyber technologies.

The company claimed that they sell its spyware only government and law enforcement agencies for tracking criminals and terrorists, but it alleged that their technology also used to target the individual users around the world

Oct 2019, Facebook filed a lawsuit against the NSO group in the U.S district count in northern direct of California for hacking its WhatsApp messenger by exploiting the zero-day vulnerability using Pegasus to steal the WhatsApp users data.

Now, the Defendant of this case, NSO group or Q cyber technologies CEO and the major shareholder of the company Shalev Hulio declared that two Facebook representatives approached to NSO group to purchase the right to use certain capabilities of Pegasus spyware.

During the time, Facebook was in an initial stage of deploying the VPN Product called Onavo Protect that helps Facebook to analyze the user’s traffic and their activities and send them through the VPN.

Also, he started his declaration in the Court document “Onavo Protect, which has frequently been categorized as “spyware,” allowed Facebook to gather information about Onavo Protect users, including the applications installed on those users’ mobile devices and the amount of time the users spent on each application. “

Also, Facebook representatives stated that Facebook was concerned that its method for gathering user data through Onavo Protect was less effective on Apple devices than on Android devices.

Facebook requested to NSO group that they wanted to use purported capabilities of Pegasus to monitor the users on Apple devices and was willing to pay for the ability to monitor Onavo Protect users.

Shalev Hulio also stated that ” Facebook proposed to pay NSO a monthly fee for each Onavo Protect user. Facebook is a private entity and not a sovereign government or government agency for national security and law enforcement purposes and therefore does not meet NSO’s customer criteria and NSO group declined the sale”

Facebook Spokesperson stats that “NSO is trying to distract from the facts Facebook and WhatsApp filed in court over six months ago. Their attempt to avoid responsibility includes inaccurate representations about both their spyware and a discussion with people who work at Facebook. “

Facebook removed the Onavo Protect from the App Store and Google Play as well due to the suspect of monitoring the users.

Follow us on TwitterLinkedinFacebook for Daily cyber security & hacking news updates.

Website

Latest articles

Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns

The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own...

Cactus Ransomware Exploiting Qlik Sense code execution Vulnerability

A new Cactus Ransomware was exploited in the code execution vulnerability to Qlik Sense...

Hackers Bypass Antivirus with ScrubCrypt Tool to Install RedLine Malware

The ScrubCrypt obfuscation tool has been discovered to be utilized in attacks to disseminate the RedLine Stealer...

Hotel’s Booking.com Hacked Logins Let Attacker Steal Guest Credit Cards

According to a recent report by Secureworks, a well-planned and advanced phishing attack was...

Critical Zoom Vulnerability Let Attackers Take Over Meetings

Zoom, the most widely used video conferencing platform has been discovered with a critical...

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...

US-Seized Crypto Currency Mixer Used by North Korean Lazarus Hackers

The U.S. Treasury Department sanctioned the famous cryptocurrency mixer Sinbad after it was claimed...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Related Articles