- NSO Group, the Israeli security firm whose Pegasus malware was used in a WhatsApp hack in May, has boasted it can break into the cloud services of big tech companies, according to the Financial Times.
- The FT said it reviewed sales documents from NSO that said its new system could obtain a target's location-data history, archived messages, and photos.
- The cloud services of Apple, Google, Facebook, Amazon, and Microsoft were all mentioned in the FT report as being vulnerable. Some are investigating the issue.
- "We do not provide or market any type of hacking or mass-collection capabilities to any cloud applications, services, or infrastructure," an NSO representative told the FT.
- Visit Business Insider's homepage for more stories.
The company behind a WhatsApp hack has been boasting that it can break in to the cloud services of big tech companies including Amazon, Apple, Facebook, Google, and Microsoft, the Financial Times reports.
The Israeli security firm NSO Group is known for its Pegasus malware, which the FT in May said had been used to hack the phones of human-rights activists using just a single WhatsApp call. The malware could make its way onto the target's phone even if the person didn't pick up the call.
Now NSO has been telling prospective clients that Pegasus has been developed to target cloud servers, according to people familiar with the sales pitch and documents shared with the FT. NSO reportedly said in its pitch that by hacking into these servers it could access someone's location-data history, archived messages, and photos.
According to the sales documents viewed by the FT, the method involves copying authentication keys for services like Google Drive, Facebook Messenger, and iCloud from a targeted phone. Once this is done, a separate server can then impersonate the device without alerting the real owner.
The document said that even if the malware were removed from the device, attackers could still have unlimited access to data uploaded to the cloud, the FT reported.
"There is a fundamental misunderstanding of NSO, its services and technology. NSO's products do not provide the type of collection capabilities and access to cloud applications, services, or infrastructure, as listed and suggested in today's FT article," an NSO spokeswoman told Business Insider, adding that NSO's products were designed to target "terrorists and criminals" who coordinate over encrypted technologies.
"Our products are licensed in small scale to legitimate government intelligence and law-enforcement agencies for the sole purpose of preventing or investigating serious crime including terrorism," she said.
Some of the big tech companies mentioned in the report are now conducting investigations.
"We have no evidence that Amazon corporate systems, including customer accounts, have been accessed by the software product in question," an Amazon spokesman told Business Insider. "We take customer privacy and security extremely seriously, and will continue to investigate and monitor the issue."
Facebook added: "Protecting the security of people's accounts is a top priority. We are reviewing these claims."
Microsoft told the FT its security technology was "continually evolving." Apple told the newspaper that its operating system was "the safest and most secure computing platform in the world."
"While some expensive tools may exist to perform targeted attacks on a very small number of devices, we do not believe these are useful for widespread attacks against consumers," Apple added.
"We've found no evidence of access to Google accounts or systems, and we're continuing our investigation. We automatically protect users from security threats and we encourage them to use tools like our Security Checkup, 2-step verification, and our Advanced Protection Program, if they believe they may be at especially high risk of attack," a Google spokesman told Business Insider.
Apple and Microsoft were not immediately available for comment when contacted by Business Insider.