
WhatsApp ties NSO Group’s hacking operations to America in new court evidence - wlscr
https://tech.newstatesman.com/security/whatsapp-ties-nso-groups-hacking-operations-to-america-in-new-court-evidence
======
stefan_
I say grant them their wish. Foreign nation state operatives hacking in plain
sight in the US, in active war zones? Treat them as the enemy combatants,
terrorists even that they want to be recognized as.

~~~
KoftaBob
NSO Group is an Israeli operation, i.e. working with Mossad, so there is a
slim chance of the US treating them as an "enemy combatant".

~~~
squarefoot
I woudn't count on that. There's a chance they're at least indirectly funded
by the US, since the US pays several billions every year to Israel, both in
military and economic aid.

[https://ifamericansknew.org/stat/cost_of_israel.html](https://ifamericansknew.org/stat/cost_of_israel.html)
I've no idea of the reliability of that site, however the author was a former
US Foreign Service officer.

~~~
simonh
Almost all of that is in the form of credit to be used to buy American
military equipment and services. It's as much a subsidy for American arms
contractors as it's aid to Israel, although yes it is both. Still, it's not
cash and they can't just spend it on whatever they like.

Furthermore regarding the linked article, how is a loan guarantee just thrown
in to the total. Unless Israel actually defaults on every single loan every
year the cost of that is close to zero. Is that really a reasonable assumption
to make? So now who's lying.

------
_trampeltier
They even used for the attacks there own servers in the us!

“NSO says “our clients do the hacking, not us”.

almost like

“Kim Dotcom says “our clients do share movies, not me”.

------
ngneer
NSO seems to be making an argument that arms dealers typically make. Perhaps
they could point out real examples of defensive uses. Otherwise, enough.
Hafsiku lehitamem.

------
Nextgrid
Didn't Facebook try to buy exploits off NSO Group just recently?

~~~
TACIXAT
That was alleged in court but no evidence has been provided publicly. I do not
see the relevance here though, FB being gross doesn't make NSO any less gross.

~~~
Nextgrid
It is a bit bold that WhatsApp (owned by FB) is throwing accusations about NSO
Group even though they allegedly attempted to buy exploits from them.

~~~
fnord77
not if their intent was to fix zero days that nso discovered.

I mean, companies pay out bug bounties, this doesn't seem that much different

------
libpcap
Is there a way to find out if your phone has been infected by Pegasus malware?

~~~
aspenmayer
Out of date info, but it was once valid. Relevant because Pegasus malware is a
product of NSO Group.

[https://www.reddit.com/r/jailbreak/comments/4zpkkm/release_p...](https://www.reddit.com/r/jailbreak/comments/4zpkkm/release_pgcheck_tools_to_check_if_your_device_has/)

[https://github.com/z448/pgcheck](https://github.com/z448/pgcheck)

[https://info.lookout.com/rs/051-ESQ-475/images/lookout-
pegas...](https://info.lookout.com/rs/051-ESQ-475/images/lookout-pegasus-
technical-analysis.pdf)

------
SlowRobotAhead
I’m very skeptical that any nation state group is foiled by leaked ip
addresses or language identifying strings left in code. Both seem like such
obvious red herrings that it makes me question anyone that puts stock in them.

~~~
jdm2212
Worthing actually reading the article.

NSO Group isn't like Cozy Bear -- it's not a code name for an unknown probable
nation-state APT. It's an Israeli company that sells hacking tools used by the
Saudis (among others).

NSO Group was "tied to America" in a legal sense relevant to WhatsApp's
lawsuit. There's no implication that it was, like, secretly the NSA or
something. Just that this Israeli company rented US-based servers from a US-
based company, and this invalidates some legal defenses they're using to fight
WhatsApp's lawsuit.

~~~
SlowRobotAhead
Yes, no, I read it. I just don’t think there is a bill of sale for rented
servers anywhere that has the recipient as “Elite Nation State Hacker Group”.
If the trail is IP address, I trust that as much a “spasibo” being proof of
Russian Hackers.

~~~
jdm2212
NSO Group is not an "Elite Nation State Hacker Group". It's a private Israeli
company that sells malware (and apparently malware-as-a-service).

If they didn't rent those servers, it would be very easy for them to say to
the court "we did not rent those servers, our clients did". Notably, they did
not say this. Probably because they did rent the servers, and if subpoenaed
the hosting provider would produce receipts showing that. And then NSO's
lawyers would get disbarred.

