Who are the hackers who cracked the iPhone?

By: Dave Lee


What do we know about the curious, secretive NSO Group? Very little – but after this week, an awful lot more than we did before.

The group, an Israel-based but American-owned company, specialises in creating what it calls tools against crime and terrorism. But security researchers call it something else: a cyber arms dealer.

On Thursday, the NSO Group was thrust into international headlines after being credited with creating malicious software capable of “jailbreaking” any iPhone with just one tap of the screen, and then installing vicious spyware.


Factfile: NSO

  • Founded in 2010 and has had several different names
  • Based in Herzliya, Israel, and owned by US investment firm Francisco Partners
  • Could be worth $1bn

Security-savvy human rights lawyer Ahmed Mansoor found himself targeted by the attack when his iPhone received a message promising “secrets” about torture happening in prisons in the United Arab Emirates.

Had he tapped on the link, the phone would have been plundered. Huge amounts of private data: text messages, photos, emails, location data, even what’s being picked up by the device’s microphone and camera.

Thankfully, he didn’t do that. Instead, he passed on the message to experts at Citizen Lab and Lookout, who peeled back the covers on what they described as one of the most sophisticated cyber weapons ever discovered. With it came evidence that it was the NSO Group’s expertise at the heart of it all.

Big money deals

Earlier this year, UK-based watchdog Privacy International launched a database tracking the global trade of cyber arms. Its intention was to track deals between cyber arms companies and governments.

According to the Surveillance Industry Index (SII), the NSO Group was founded in 2010 and is based in Herzliya, an attractive city north of Tel Aviv that is known as a cluster of tech start-ups. The group was likely funded by the elite 8200 Intelligence Unit, an Israeli military-funded scheme for start-ups.

According to Forbes, the 8200 Intelligence Unit was heavily involved in providing expertise and funding for Stuxnet, a cyber attack on Iran that was a joint operation between the US and Israel.

More: https://www.bbc.com/news/technology-37192670