FOGINT: Intelware Tension Ticks Up

December 24, 2024

fog from gifer 8AC8 small_thumb_thumb Observations from the FOGINT research team.

On Friday, December 20, 2024, NSO Group, the Pegasus specialized software outfit, found itself losing a court squabble with Facebook (Meta and WhatsApp). According to the Reuters’ news story pushed out at 915 pm Eastern time, “US Judge Finds Israel’s NSO Group Liable for Hacking in WhatsApp Lawsuit.” In case you don’t have the judgment at hand, you can find the United States District Court, Norther District of California document at this link.

The main idea behind the case is that the NSO Group’s specialized software pressed into duty for the purpose of obtaining information about WhatsApp users. The mechanism was to exploit “a bug in the messaging app to install spy software allowing unauthorized surveillance.” NSO Group’s fancy legal two step did not work.

The NSO Group has become the poster child for the “compromise the mobile” phone and obtain data. The Pegasus system exfiltrates data and, when properly configured, can capture information from a mobile device. Furthermore, the company’s hassles about its customers’ use of the Pegasus tool unwittingly created a surge in software and specialized services performing identical or similar tasks.

The FOGINT team has identified firms which have found different ways of compromising mobile devices. The company, therefore, has been an innovator and its approach to compromising devices has [a] focused attention on Israel’s technical competence in this specialized software niche and [b] rightly or wrongly illustrated that the technology can act with extreme prejudice when used by some clients to solve what they perceive as “problems.”

There are several larger consequences which the FOGINT team has identified:

  1. Specialized software is more prevalent because the revelations about Pegasus have encouraged entrepreneurs and technologists to develop more effective surveillance methods
  2. Unique delivery methods have been crafted. These range for in-app malware to more sophisticated multi-stage malware installed as a consequence of a user’s carelessness
  3. Making clear that powerful surveillance tools can be installed in a way that does not require the user to click, email, or interact. The malware simply dials up a mobile and bingo! the device is compromised.

How will this judgment affect the specialized software industry? In FOGINT’s view, the decision will further stimulate competition and the follow of novel surveillance techniques. One consequence also may be that law enforcement and intelligence professionals will encounter headwinds when similar specialized software is required for certain investigations. FOGINT’s view is that NSO Group’s go-go approach to sales created a problem for the company and for specialized software. Some technologies should remain “secret,” which is now becoming an old-fashioned viewpoint. Marketing is not always a benefit.

Stephen E Arnold, December 24, 2024

Comments

Got something to say?





  • Archives

  • Recent Posts

  • Meta