FBI probes use of Israeli firm's spyware in personal and government hacks

The Federal Bureau of Investigation (FBI) is investigating the role of Israeli spyware vendor, NSO Group Technologies, in possible hacks on US residents and companies, as well as suspected intelligence gathering on governments, Reuters reported on Friday.

According to Reuters, the investigation started in 2017, when the FBI investigated the possibility that NSO obtained codes from US hackers in order to hack mobiles.

NSO claims that it sells its own espionage software and technical support only to governments, to use for tracking “suspected terrorists and other criminals”.

The Israeli firm has been claiming for a long time that its products do not target US citizens, but according to Reuters, experts dispute this.

Read: Palestinian Forum in Britain calls on UK government to challenge US ‘peace plan’

After a complaint from Facebook against NSO, claiming it used WhatsApp to hack the accounts of 1,400 users, Reuters revealed that the FBI interviewed several experts in the field, to consult them on the issue.

“We have not been contacted by any US law enforcement at all about any such matters,” NSO, which claimed it was not aware of any inquiry, announced in a statement.

Reuters allege that NSO did not answer additional questions regarding the conduct of its employees, but previously disclosed that government customers are the ones hacking.

According to a spokeswoman for the FBI, the agency: “Adheres to DOJ (Department of Justice)’s policy of neither confirming nor denying the existence of any investigation, so we wouldn’t be able to provide any further comment.”

Suppliers of hacking tools could be prosecuted under the Computer Fraud and Abuse Act (CFAA) or the Wiretap Act, if they had enough knowledge of or involvement in improper use, said James Baker, general counsel at the FBI until January 2018.

The CFAA criminalises unauthorised access to a computer or computer network, and the Wiretap Act prohibits use of a tool to intercept calls, texts or emails.

NSO is known in the cybersecurity world for its “Pegasus” software other tools that can be delivered in several ways. The software can capture everything on a phone, including the plain text of encrypted messages, and commandeer it to record audio.

A business strategy firm retained on behalf of Amazon.com Inc Chief Executive Jeff Bezos, FTI Consulting, said this month that NSO could have supplied the software it said Saudi Arabia used to hack Bezos’ iPhone. The phone began sending out more data hours after it received a video from a WhatsApp account associated with Crown Prince Mohammed bin Salman, FTI said. Saudi Arabia called the FTI allegation “absurd,” and NSO said it was not involved. Other security experts said the data was inconclusive.

READ: New York Times journalist reveals Saudi Arabia’s attempt to hack his phone 

FBI leaders have indicated that they are taking a hard line on spyware vendors.

At a briefing at FBI Washington headquarters in November, a senior cybersecurity official said that if Americans were being hacked, investigators would not distinguish between criminals and security companies working on behalf of government clients.

“Whether you do that as a company or you do that as an individual, it’s an illegal activity,” the official said.

In the counterintelligence aspect of the probe, the FBI is trying to learn if any US or allied government officials have been hacked with NSO tools and which nations were behind those attacks, according to a Western official briefed on the investigation.

Outside of government, journalists, human rights activists and dissidents in several countries have been victims of attacks using NSO spyware, according to the University of Toronto’s Citizen Lab researchers.

In the past, NSO has denied involvement in some of those instances and declined to discuss others, citing client confidentiality requirements.