Spyware company NSO, whose Pegasus app can be used to give attackers almost full remote access to an iPhone, has announced that it is downsizing, and losing its CEO.
Bizarrely, the company argues that this is in order to prepare for growth …
Background
NSO Group makes spyware called Pegasus. The company purchases so-called zero-day security vulnerabilities (ones that are unknown to Apple) from hackers, and its software is said to be capable of mounting zero-click exploits – where no user interaction is required by the target.
In particular, it’s reported that simply receiving a particular iMessage – without opening it or interacting with it in any way – can allow an iPhone to be compromised, with personal data exposed.
NSO claims that it sells Pegasus only to governments, but its customers include countries with extremely poor human rights records – with political opponents and others targeted.
Prime ministers, US State Department officials, senior EU officials, journalists, lawyers, and human rights activists are among those whose iPhones have been hacked by Pegasus.
The US government banned the import and use of Pegasus, depriving the company of its most lucrative customer base: US law enforcement agencies. Apple added to the pressure, suing the company, and alerting owners of infected iPhones.
NSO claims to exercise care in approving customers, but few believe it, and the company’s CEO wanted to tear up even the claimed rules under which it operated.
Spyware company downsizing
Bloomberg reports that the company is now downsizing.
Israeli spyware company NSO Group’s chief executive officer is stepping down as the company restructures to focus on NATO-member countries, it said in a statement.
Outgoing CEO and co-founder Shalev Hulio said in a press release that the company is preparing for “its next phase of growth.” The firm is also cutting 100 posts out of its 750-strong workforce, according to an official in the company who asked not to be identified because of the sensitivity of the subject.
The company also claims that it will in the future only sell its spyware to NATO members, which would eliminate most of its more controversial customers. Current NATO members comprise Canada, Croatia, France, Germany, Greece, Hungary, Czech Republic, Denmark, Estonia, Albania, Belgium, Bulgaria, Iceland, Luxembourg, Montenegro, Netherlands, Italy, Latvia, Lithuania, North Macedonia, Norway, Poland, Slovakia, United Kingdom, Portugal, Romania, United States, Slovenia, Spain, and Turkey.
9to5Mac’s Take
Given the company’s history of misleading, contradictory, and questionable statements, claiming that downsizing is a path to growth is par for the course. Back in June, the company was reportedly planning to sell to red-flagged countries, and now claims to be targeting only NATO members. Nobody is likely to give too much credence to anything the company says.
The company is clearly now in significant financial difficulties. But despite losing the US as a customer, and Apple undermining the effectiveness of Pegasus by continuing to notify those infected by it, the company continues to cling on.
A further crackdown by Congress is the latest hope for putting the spyware company out of business.
Photo: Israel Andrade/Unsplash
FTC: We use income earning auto affiliate links. More.