Whitehat NSO Code Stolen by Employee and Listed on Dark Web

FrgMstr

Israel's NSO Group is a smartphone surveillance corporation that creates hacks for iOS and Android devices. These tools allow governments to crack the security on mobile devices such as the iPhone. One of their employees disabled the McAfee Security software on their company PC, stole the source code for NSO Group's products and attempted to sell it on the dark web for $50 million in cryptocurrency. Luckily the software wasn't transferred to another party before the authorities were alerted and the rogue employee was arrested.

While this story is comical as it does answer the age old question, "Who would use McAfee Security software nowadays?" it is good that the employee was stopped. It seems that the Israeli government and other governments use NSO Group tools to defeat the security on mobile devices. It would be really bad for those tools to fall into the wrong hands.


NSO has developed cyberweapons used by dozens of intelligence apparatuses, militaries, and law enforcement around the world. Its most important product is a spyware known as Pegasus. The software can infect cellphones, allowing someone to record calls, remotely access the device's camera, see text messages, obtain GPS coordinates, and more. The software can be remotely installed onto any mobile device without the owner's knowledge.

According to the indictment, upon realizing that he was going to lose his job, the employee copied top-secret code from the company's networks – code that could damage security in several countries, including Israel, if it reached the wrong hands. Following his dismissal, he contacted a foreign entity and attempted to sell a hard drive containing the code for $50 million.
 
Sounds to me like those tools are already in "the wrong hands". Security vulnerabilities should be disclosed and fixed, regardless of the supposed benefits to intelligence agencies. This is how shit like Ransomware happens.
 
You really should have a buyer lined up before you steal something of value.

I prefer not to steal in the first place. Far too messy. Not worth the hassle.
 
Not entirely sure how they know for absolute certain that this didn't get into anyone else's hands. This is the age old problem of thinking only the manufacturer/government/etc will have access. Once it gets out, it's a free for all for the bad actors. Can't have it both ways, so since there's no way governments won't think they're entitled to backdoors, security for everyone else will always be a lie.
 
Not entirely sure how they know for absolute certain that this didn't get into anyone else's hands. This is the age old problem of thinking only the manufacturer/government/etc will have access. Once it gets out, it's a free for all for the bad actors. Can't have it both ways, so since there's no way governments won't think they're entitled to backdoors, security for everyone else will always be a lie.

Well, he did offer it. It may have been compromised as of that moment.
 
You really should have a buyer lined up before you steal something of value.

I prefer not to steal in the first place. Far too messy. Not worth the hassle.

We had a soldier take a laptop with classified info on it across the Inter-German border back in the cold war when I was stationed there, sold the info on it for $5K, luckily the border patrol spotted the Humvee he was driving hidden in the woods in the 1K zone and arrested him when he came back across. It's the ones you don't catch that are the problem....
 
We had a soldier take a laptop with classified info on it across the Inter-German border back in the cold war when I was stationed there, sold the info on it for $5K, luckily the border patrol spotted the Humvee he was driving hidden in the woods in the 1K zone and arrested him when he came back across. It's the ones you don't catch that are the problem....

I don't know how people like that live with themselves. That's just wrong. Especially if it costs some people their lives.
 
It would have been better for it to have been leaked, so vendors would have been forced to fix the issues.
 
It would have been better for it to have been leaked, so vendors would have been forced to fix the issues.

Why would they? They were probably paid good money to put those back doors in.

I am usually death on conspiracy theories, but there have been way too many conveniently placed "flaws" over the years, that have been exploited by government "Acronym" groups.
 
One thing that always makes me wonder is why didn't they lock him out of everything the moment they knew they were going to fire him? It's not like he was the landscaper or such. "Secrets" are very hard to keep, but in small office settings... damn near impossible.

Lot of cases like this, the guy knew he was on the "escort out of the building walk of shame" list, so takes precautions ahead of time as an exit strategy.
 
I'll make my usual comment about not knowing how to access the so called Dark Web.
 
Wait, a company that sells privacy intrusion devices to the highest bidder so they can target human rights activists, journalists and public health campaigners are white hat hackers now?

Uh huh.

"The term "white hat" in Internet slang refers to an ethical computer hacker, or a computer security expert, who specializes in penetration testing and in other testing methodologies to ensure the security of an organization's information systems."... Yeah, I'm not seeing that in a for profit arms dealer
 
Not entirely sure how they know for absolute certain that this didn't get into anyone else's hands. This is the age old problem of thinking only the manufacturer/government/etc will have access. Once it gets out, it's a free for all for the bad actors. Can't have it both ways, so since there's no way governments won't think they're entitled to backdoors, security for everyone else will always be a lie.
Sounds like he copied it to a hdd and took that home. I doubt he connected it to anything before attempting to sell it, but if he did he's dumb...well, he's pretty dumb regardless, but he'd be extra dumb.
 
Everything is secure until it gets leaked to the public, then it's a fucking mess.

So instead of exploiting phones, law enforcement and guvs should help secure them.

But you know the terrorists could win.
 
Another voice for the 'it would have been better if the hacks had been sold, so that phone vendors would have had to patch their phones and the public would have become more aware' group, here.
 
Because it is one of only two virus scanners made by US firms (Symantec being the other). Most AV vendors are from various Eastern European nations. For example ESET is Slovakia, Kaspersky is Russia, Bitdefender is Romania, Avast is Czech, AVG is Czech, and so on. Well, depending on your paranoia level and who you are paranoid of spying on you, perhaps you want a product not made in a former USSR country. Not many options in that case.

The US government is pretty much all Symantec for that reason. Good or bad quality wise, they feel like it won't be spying on them because they have more sway over the company.

Kaspersky is not to be trusted if there's any validity to this: https://www.nytimes.com/2017/10/10/technology/kaspersky-lab-israel-russia-hacking.html So there's a lot of sense to what you're talking here.
 
Another voice for the 'it would have been better if the hacks had been sold, so that phone vendors would have had to patch their phones and the public would have become more aware' group, here.
But they won't. At best, the next generation of phones would have the 'fix' in place, but make no mistake this would be no different than the norm of phones simply not getting updates. Too good for business to just make everyone buy a new phone right away instead.
 
I still maintain we should feed asshats that steal code into a chipper/shredder feet first. And let them hold the rope that holds them up over the intake. Stream it live.
 
Israel having this is already the wrong hands. Not like they haven't started multiple wars in an attempt to drag other nations in when it goes wrong, invaded Syria by proxy via 'ISIS', have an expansionist land-stealing state and nearly sunk a US navy ship under a false flag. Some (((allies))) and you send them billions in return for instability and war. Almost like they have more priority and say in US govt than US people, how unusual.
This stuff should be out there and not kept to be used for government oppression, corruption, industrial espionage and the usual they get away with.
 
Israel having this is already the wrong hands. Not like they haven't started multiple wars in an attempt to drag other nations in when it goes wrong, invaded Syria by proxy via 'ISIS', have an expansionist land-stealing state and nearly sunk a US navy ship under a false flag. Some (((allies))) and you send them billions in return for instability and war. Almost like they have more priority and say in US govt than US people, how unusual.
This stuff should be out there and not kept to be used for government oppression, corruption, industrial espionage and the usual they get away with.

Oh boy, the old "ISIS is an Israeli and/or US Proxy" bullshit again, along with the standard "all the Arab worlds problems are Israel's fault".

Typical anti-Israeli propaganda, usually spouted by Arabs who can't stomach the fact that they can't do a damn thing about Israel existing.

Indulge my sense of the Ludicrous, what wars has Israel started, that it wasn't provoked into doing so?
 