Notorious Spyware Firm Reportedly Offered ‘Bags of Cash’ for Access to U.S. Networks

A whistleblower alleges that the scandal-ridden spy ware agency NSO Group as soon as provided a telecom safety firm “bags of cash” to purchase entry to its mobile networks, ostensibly so its shoppers might observe particular cellular customers throughout the United States.

The claims come from Gary Miller, a cybersecurity skilled who beforehand served as a vice chairman at community safety agency Mobileum. Miller, who has since left the corporate, stated that in a 2017 convention name between the agency and NSO representatives, one of many spy ware vendor executives pushed for entry to SS7—an insecure networking protocol that has been identified to permit covert surveillance on unsuspecting cellphone customers. When queried as to how such a transaction would happen, NSO co-founder Omri Lavie is reputed to have advised Mobileum officers: “We drop bags of cash at your office.”

Miller claims that he initially reported this encounter to the FBI by way of a web based tip portal again in 2017 however by no means heard again. Then, final yr, amidst an ongoing DOJ investigation into NSO, he formally handed over his claims once more—this time on to the Justice Department. He says he has additionally offered detailed details about the incident to each the Securities and Exchange Commission and the Federal Communications Commission.

SS7 has reportedly been a vector for shady surveillance for years. The protocol has well-known safety flaws that hackers can use to eavesdrop on cellphone calls and observe units. The Saudi and Chinese governments, in addition to Israeli hacker-for-hire firms, have been accused of utilizing these safety flaws to hack unsuspecting cellular customers—together with Americans. In December, a worldwide messaging contractor, Mitto AG, was equally accused of promoting SS7 entry to personal safety companies which, in flip, would allegedly promote it to legislation enforcement companies.

In response to Miller’s claims, NSO just lately told the Washington Post that they’d “never done any business with” with Mobileum, and that it “does not do business using cash as a form of payment.” It additionally claimed it was not “aware of any DOJ investigation.” Mobileum equally disavowed any connection to the spy ware vendor: “Mobileum does not have — and has never had — any business relationship with NSO Group,” the corporate’s prime government, Bobby Srinivasan, advised the newspaper.

The allegations come at a dire time for NSO, as ongoing scandals tied to its merchandise proceed to roil its popularity and threaten future enterprise. Most just lately, controversies have emerged in locations as far-flung as Finland, Poland, Israel, Hungary, El Salvador, and Uganda, although allegations of misconduct exist in many, many other countries.

On Friday, the New York Times printed a sweeping investigation into the corporate’s ties to the U.S. authorities, revealing that, amongst different issues, the FBI had thought-about shopping for and deploying one among NSO’s surveillance techniques for “domestic” use again in 2019. The revelations make it considerably ironic that the Justice Department is now investigating NSO, since, in response to the paper, DOJ attorneys additionally spent two years making an attempt to find out a authorized pretext for FBI deployment of NSO instruments contained in the United States.