Notorious Spyware Vendor Pushes COVID-19 Tracking Solution
Since October 2019, Facebook and its subsidiary WhatsApp have been fighting in court with the Israeli spyware firm NSO Group, claiming that the firm used WhatsApp to facilitate spyware distribution. Although the conclusion is yet to be reached, the case brought up interesting notions about NSO Group and the situation with users’ privacy. But never mind that, the notorious malware vendor is now selling a COVID-19 tracking app. Nothing of that spying business, presumably.
In this piece, we give a rundown on the WhatsApp hacking case and the role of NSO Group in it, look at the spyware firm’s COVID-19 app and point out a few concerns about it all.
NSO Group, Malware, and WhatsApp Case
On October 29th, 2019, WhatsApp published a statement informing the users about a cyberattack the team stopped earlier in May 2019. In the statement, WhatsApp attributed the attack to NSO Group, an Israeli firm that sells spyware to governments and “authorized agencies” around the globe. The messenger and its parent Facebook have also filed a lawsuit against NSO Group.
According to WhatsApp’s research, the messenger’s video call service was exploited to implant malicious code into the user’s mobile devices. Around 1,400 users were targeted by the attack. It turned out that among these users were journalists, human rights activists, and dissidents.
Over the course of the attack, these users received voice calls that would infect the device with spyware. The targets didn’t even have to pick up the call. The spyware in question is Pegasus, a flagship solution developed and sold by NSO Group. After getting onto an Android or iOS device, Pegasus was able to send back passwords, contacts, messages, and calendars, as well as use cameras, microphones, and GPS sensors to get additional information.
The complicated court case is still unfolding. Facebook and WhatsApp claim that NSO Group violated the messenger’s Terms of Service, the Computer Fraud and Abuse Act, and certain other laws. In return, NSO Group said that they had nothing to do with the attack and the ways their clients use the software.
“Our products are used to stop terrorism, curb violent crime, and save lives. NSO Group does not operate the Pegasus software for its clients,” the company told The Guardian.
What makes the case tricky is the fact that WhatsApp wasn’t technically hacked, but exploited to hack into users’ devices.
It gets funkier. On April 30th, 2020, Facebook asked the court to disqualify the law firm King & Spalding representing NSO Group. They argued that there may be a conflict of interest. Since the firm had previously represented WhatsApp in another case, they may have gained knowledge that would give them an unfair advantage. The case in question had to do with the Department of Justice’s efforts to break through WhatsApp’s encryption, and King & Spalding were protecting the encryption against the government.
Interestingly enough, at that time, the lawyer at King & Spalding who worked on the case was Christopher Wray, the current director of the FBI. Nowadays, he is an opponent of strong encryption introduced by tech companies.
Regardless of the outcome, the legal fight with Facebook brought a lot of media attention to NSO Group and its achievements in the spyware business. This happened to be especially important, as the company now pushes a new big product.
NSO Group’s Coronavirus Tracker
A company that makes revenue from selling spyware with all its tech and knowledge would be in a perfect position to develop an IT solution for COVID-19 tracking. Or so it may seem until the premise of using a benign tracking app made by a malware provider really sinks in.
NSO Group is selling a software solution ambitiously codenamed Fleming, which is meant to monitor and project the spread of the virus based on mobile phone data. The company is pitching it to governments around the world, claiming that some countries are already testing the software.
Reportedly, Fleming uses adapted versions of the user interface and analytical tool that were designed to complement Pegasus, the notorious malware made by NSO Group. The company claimed that it won’t be accessing any information and the app won’t be collecting geolocation data. The government clients will have to go the old-fashioned way and ask local mobile phone operators to share their records.
“This is an extremely cynical attempt from a notorious spyware company to branch out into mass surveillance. Every citizen of the world wants to go back to normal as soon as possible. The gold rush to surveillance technology could easily mean that there is a normal expectation of privacy that we will have a hard time going back to,” John Scott-Railton, a senior researcher at the Citizen Lab, told Motherboard.
NSO Group’s bold decision to take part in saving the world from the pandemic raised a lot of questions and probably at least a few eyebrows. To reiterate, the company is involved in numerous controversies, as its Pegasus spyware has been used extensively by governments around the globe to target unwanted people. Even if what NSO Group says is true and their intentions are good, there aren’t many reasons to believe that their clients will behave, as they clearly haven’t in the past.
“Long after the last community transmitted case of this pandemic, my fear is that these surveillance mechanisms that are being pitched by unscrupulous companies like NSO will stay on our networks and continue to track our phones. This is one dystopian outcome that we can prevent,” John Scott-Railton added.
No Trust In Surveillance Tech
Given the controversial circumstances, the story with NSO Group’s tracking app contributes to a much larger problem.
According to research, about 41% of American adults have both the technical capacity and the willingness to use a virus-tracking app. Learning that some of these apps are made by companies that equip governments with spyware left and right will not help the global effort in the slightest. And then there’s the fact that some governments are very eager to misuse their potent surveillance tools, pandemic or not.
It appears reasonable to assume that an app meant to track the spread of a pandemic has to be used ubiquitously to work properly. When half of the population remains an unknown variable, the usefulness of such tracking is dubious.
And then there’s the big dilemma. It looks like right now the world could use every bit of help to get the pandemic and the economy under control, and the means to track the spread of the virus could’ve been very helpful. But there is a substantial price to pay, as extra surveillance is likely to remain in place long after the health crisis.