Headquartered in Herzelia, Israel, NSO Group was founded in Dec. 2009 by Omri Lavie and Shalev Hulio, according to both cofounders' LinkedIn profiles, which show they are both serial entrepreneurs who had previously started a number of other companies in Israel. A third founder, Niv Carmi, left the company shortly after its inception and left Lavie and Hulio as majority shareholders.
The San Francisco-based private equity firm Francisco Partners acquired a majority stake in NSO for $120 million in 2014, though its operations remain in Israel.
Hulio says on his LinkedIn profile he was a company commander with the Israel Defense Forces, while Lavie says he was an employee of the Israeli government.
At least three of its current employees claim to have worked in Unit 8200, Israel's version of the US National Security Agency.
The company describes itself in vague terms on its LinkedIn, saying it is "a unique company in the field of Internet security software solutions and security research. It is responsible for many unique developments on both mobile and PC environments. The company also specializes in creating highly sought solutions in the mobile and PC controlled environments."
Though that description offers little of substance, the profile's listed specialties of internet security, mobile security, cyber threats, and penetration testing give a better idea of the high-tech spying tools it develops.
NSO currently employs more than 120 people, according to its numbers on LinkedIn. That's more than double the head count it had two years ago.
A brochure uploaded online by Privacy International from the company gives more insight into what it really does, which is to offer mobile hacking solutions for a variety of phones exclusively for the use of governments, law enforcement, and intelligence agencies.
NSO Group says it is "a leader in the field of cyber warfare" that utilizes its proprietary monitoring tool it calls "Pegasus," which can monitor and extract all data from a target "via untraceable commands" which allow "remote and stealth."
Its clients have reportedly included Panama and Mexico, though a person familiar with the company told the Wall Street Journal it does business all over the world.
NSO received $8 million from Panama's government for its Pegasus spy software, according to a local press account. And with this latest research from Citizen Lab documenting an attack on Ahmed Mansoor, a human rights activist living in the United Arab Emirates, it's likely that government has purchased the software as well.
NSO showed off demonstrations of its mobile phone hacks on a BlackBerry, iPhone, and Android phone in 2013, according to leaked emails from a breach of Hacking Team, a competitor of the company based in Italy.
"Your smartphone today is the new walkie-talkie," NSO cofounder Omri Lavie told the Financial Times that year. "Most of your typical solutions for interception are inadequate, so a new tool had to be built."
Pegasus can infect a targeted phone in two ways, both of which are through SMS text messaging. Its "zero-click" vector allows an attacker to send a special SMS message to a target which causes the phone to automatically load a malicious link, while its "one-click" vector requires a user to click a link to infect their device, which happens in the background without a user ever knowing.
Once infected, spies can actively record with the phone's microphone or video camera, grab personal data like calendars, contacts, and passwords, or download all the data on the device, to include emails, photos, and browsing history.
"We’re a complete ghost," Lavie told Defense News in 2013. "We’re totally transparent to the target, and we leave no traces."
In order to attack the latest iOS software, the company's spyware utilized three "zero-day" exploits — which are bugs that have not yet been fixed — which Lookout called "the most sophisticated attack" it had ever seen.
Lookout believes Pegasus has possibly been in use to hack iPhones going all the way back to iOS 7. Apple's latest software update, iOS 9.3.5 (which was released Thursday), prevents this attack from working.
NSO Group does have a LinkedIn profile which lists nsogroup.com as its domain name, but that, unfortunately, leads to nowhere. A look back at their website through history via The Wayback Machine showed four different snapshots taken, all of which were just placeholder pages.
Though the domain name was registered in April 2008, it doesn't seem to have ever had any content for potential customers to view.
Saudi Arabia wants China to help fund its struggling $500 billion Neom megaproject. Investors may not be too excited.
I spent $2,000 for 7 nights in a 179-square-foot room on one of the world's largest cruise ships. Take a look inside my cabin.
One of the world's only 5-star airlines seems to be considering asking business-class passengers to bring their own cutlery
From underdog to superfood: Have millets finally managed to make a comeback?
7 Things to do on your next trip to Rishikesh
RBI bars Kotak Mahindra Bank from onboarding new customers via online, issuing fresh credit cards
Next Story