
URL: https://www.theregister.com/2024/03/01/nso_pegasus_source_code/
Submission: On March 04 via api from TR — Scanned from DE

JUDGE ORDERS NSO TO COUGH UP PEGASUS SUPER-SPYWARE SOURCE CODE



/* HOPE NO ONE EVER READS THESE FUNCTIONS LMAO */

Thomas Claburn
Fri 1 Mar 2024 // 21:34 UTC




NSO Group, the Israel-based maker of super-charged snoopware Pegasus, has been
ordered by a federal judge in California to share the source code for "all
relevant spyware" with Meta's WhatsApp.

The order [PDF] from Judge Phyllis Hamilton at the end of last month stems from
WhatsApp's 2019 lawsuit [PDF] against NSO for allegedly spying on 1,400 WhatsApp
users.

The spyware maker is accused of sending carefully crafted data over the internet
to select people's phones that, via a vulnerability in the chat app's VoIP
stack, allowed malicious code to silently run on those devices, code that in
turn allowed victims' conversations and other sensitive information to be
accessed remotely. NSO marketed this surveillance service to governments around
the world.



Judge Hamilton's ruling covers Pegasus and other relevant NSO spyware during the
period from April 29, 2018 to May 10, 2020. And it represents a significant
legal setback for NSO Group, which has been fighting tooth and nail not to be
held accountable for providing surveillance tools to government clients.




The court order is not a complete rout, however: The judge allowed NSO to
withhold its client list and details about its server architecture.

NSO Group, which reorganized in 2022, declined to comment on the record.



During the period from January 2018 through May 2019, NSO Group allegedly
created WhatsApp messaging accounts, set up a series of proxy and relay servers
using cloud service providers, and used this infrastructure to send maliciously
crafted network packets, via WhatsApp's systems, to mobile devices to exploit
CVE-2019-3568.

"Defendants caused their malicious code to be transmitted over WhatsApp servers
in an effort to infect approximately 1,400 target devices," WhatsApp's complaint
claims. "The target users included attorneys, journalists, human rights
activists, political dissidents, diplomats, and other senior foreign government
officials."

NSO Group, which faces similar legal claims brought by Apple and the Knight
First Amendment Institute, recently lost its bid to have the US Supreme Court
review its claim that it shares the immunity afforded to its foreign state
clients. Similarly, its effort to have Apple's lawsuit tossed was rejected in
January by a federal judge.



Since WhatsApp filed its lawsuit in 2019, pressure has been mounting to curtail
the sale of sophisticated spyware. The US has sanctioned commercial spyware
vendors like NSO Group, Intellexa, and Cytrox. And the White House issued an
executive order last year that somewhat banned government use of spyware –
exceptions leave leeway for US snoops and homegrown surveillance software.

Governments elsewhere, like Poland and Spain, have been conducting inquiries
into the alleged use of Pegasus spyware against political figures and
journalists. Nonetheless, the commercial spyware business appears to be doing
just fine. As with encryption, governments want spyware for themselves but not
for others.


NSO Group has maintained that it only sells spyware to government customers for
notionally lawful surveillance. "Our technology is not designed or licensed for
use against human rights activists and journalists," the outfit told The
Register in 2019. "It has helped to save thousands of lives over recent years."

The Register is unaware of which lives, if any, have been saved by Pegasus.
However, Amnesty International contends that the software, among other harms,
played a role in an infamous assassination. It notes that "family members of
Saudi journalist Jamal Khashoggi were targeted with Pegasus software before and
after his murder in Istanbul on 2 October 2018 by Saudi operatives, despite
repeated denials from NSO Group." Other media reports have indicated as much.

> It is vital targets of Pegasus find out who purchased and deployed the spyware
> against them

Donncha Ó Cearbhaill, head of the security lab at Amnesty International, hailed
the court order as a step toward accountability but expressed disappointment
that NSO won't have to reveal the clients responsible for the allegedly unlawful
targeting of WhatsApp users.

"NSO Group says that it only sells Pegasus to authorized government customers,"
Ó Cearbhaill told The Register. "Our Security Lab has documented the massive
scale and breadth of the use of Pegasus against human rights defenders and
journalists across the world.

"It is vital that targets of Pegasus find out who has purchased and deployed the
spyware against them so that they can seek meaningful redress."

A WhatsApp spokesperson welcomed Judge Hamilton's decision. “The recent court
ruling is an important milestone in our long running goal of protecting WhatsApp
users against unlawful attacks,” a spokesperson told The Register via email.

“Spyware companies and other malicious actors need to understand they can be
caught and will not be able to ignore the law.” ®
