Israeli cyber security company NSO has denied telling customers that its Whatsapp-hacking spyware is capable of hacking people’s data from the servers of Apple, Google, Facebook, Amazon and Microsoft.
NSO’s smartphone malware, named Pegasus, has been used by governments for a number of years to spy on specific individuals and how they use their smartphones, it was revealed in May.
Now it has evolved to be able to capture the trove of information stored beyond phones in cloud services like Facebook, Google Cloud and Apple’s iCloud, according to the Financial Times.
Documents seen by the FT reportedly state that the malware can reveal the full history of a target’s location data, archived messages and photos.
NSO has denied promoting hacking or mass-surveillance tools for cloud services, but the Financial Times reported that the firm did not deny it had developed the technology with the capability described.
However, NSO has refuted those claims when questioned by City A.M.
“The Financial Times got it wrong. NSO’s products do not provide the type of collection capabilities and access to cloud applications, services, or infrastructure suggested,” an NSO spokersperson said.
“Increasingly sophisticated terrorists and criminals are taking advantage of encrypted technologies to plan and conceal their crimes, leaving intelligence and law enforcement agencies in the dark and putting public safety and national security at risk. NSO’s lawful interception products are designed to confront this challenge.
“Our products are licensed in small scale to legitimate government intelligence and law enforcement agencies for the sole purpose of preventing or investigating serious crime, including terrorism.”
But the report claims the Pegasus software has been traced on the phones of human rights activists and journalists around the world, raising allegations it is being abused.
The new tech allegedly copies authentication keys of services like iCloud and Google Drive from an infected phone before impersonating it and allowing open-ended access.
The report says it works on any phone Pegasus can infect, including the latest iPhones and Androids, and continues to work even if the malware is removed.
“Protecting the security of people’s accounts is a top priority. We are reviewing these claims,” a Facebook spokesperson said.
A Google spokesperson said: “We’ve found no evidence of access to Google accounts or systems, and we’re continuing our investigation.
“We automatically protect users from security threats and we encourage them to use tools like our Security Checkup, 2-step verification, and our Advanced Protection Program, if they believe they may be at especially high risk of attack.”
Apple did not respond to request for comment.