We read news and outrage related to the government snooping on its citizens’ computers and smartphones to access their data without their authorization through backdoor, every now and then. And, to encash the opportunity, there are several digital surveillance firms popped up all over the world, who will access anyone’s personal data for money. One of these firms, NSO Group, an Israeli spyware firm, is in the news from last week after a security research group found NSO’s malware in a UAE-based human rights activist Ahmed Mansoor’s iPhone.
The human rights activists device has received a text message with a link and when it opened, it would install a malware automatically into iPhone, through an iOS bug. However, Apple has released an update after a waking call from the research group. The same bug was also present in the Apple Inc’s desktop OS and Safari browser as well.
Now, a latest report from New York Times revealed more documents related to the NSO Group and its price lists for potential customers, especially corrupt governments who wish to snoop its enemies inside the nation and outside the borders. The report mentioned that the Israeli company sells many packages to hack iPhones, Android Phones as well as Symbian devices with various price tags and offers. Here are some information from their commercial proposal:
The client has to pay a $500,000 installation fee for an initial setup, then they will have various packages depending upon the type of device they want to get access to. In the case of iPhones, the client has to pay $650,000 to hack 10 Apple phones or Android phones, $300,000 to hack 5 Symbian phones and $500,000 to hack 5 BlackBerry devices.
They have even more advanced plans to increase the sales of its packages such as, $150,000 for 20 extra target devices, $500,000 extra for 50 target devices and $800,000 extra for 100 extra phones or computers. The client has to pay an additional 17 percent of their total bill value as an annual system maintenance fee every year.
According to the NYT report, NSO Group has founded 6 years ago and there are not many financial details available in the public domain as it is a privately held company by two individuals from Israel. It’s been reported that a San Francisco-based private equity firm Francisco Partners has acquired a controlling stake in NSO Group for $120 million in 2014.
NSO Group pitches its packages to countries across the European continent as well as other unnamed countries. Mexico seems to have already signed up for over $15 million worth of contract with the company.
Since the leak of this information, the Mexican government has accepted that it used the surveillance program of this firm and defended their action by saying that it hasn’t used the digital surveillance on any of the human rights activists as journalists. Ricardo Alday, a spokesman for the Mexican embassy in Washington, said in an emailed statement:
“Our intelligence systems are subject to Mexico’s relevant legislation and have legal authorization. They are not used against journalists or activists. All contracts with the federal government are done in accordance with the law.”
Pegasus was a main product of NSO Group, which was recently found in Ahmed Mansoor’s iPhone as well as a Mexican journalist who wrote about the corruption in the Mexican government. The Pegasus malware was installed in any target’s iPhones, Android Phones, Symbian and BlackBerry devices, just by tricking the users through emails or text messages. When such tricky emails and SMS messages opened, the software automatically gets installed into the device without the knowledge of users and starts sending personal data from the device, such as contact lists, GPS data, microphone recordings, camera access, etc.
Meanwhile, NSO Group argues that they provide their spying services to governments and law enforcements to track and contain drug traffickers, kidnappers and terrorists. But, the question remains – why the Pegasus found on a journalist’s phone and on a human rights activist’s phone?