July 14, 2018

Rogue Security Analyst Tries to Sell Top-Secret iPhone Malware for $50 Million in Cryptocurrency

A lead programmer working for NSO Group, the Israeli cybersecurity firm behind the notorious Pegasus iPhone malware, has been arrested after a failed attempt to illegally sell the top-secret spyware to an unauthorized party via the dark web in exchange for $50 million worth of cryptocurrency.

A report from the Times of Israel states that the 38-year-old engineer from Netanya has been indicted by prosecutors at the Tel Aviv District Court on charges of “trying to damage property in a way that would harm national security, theft by an employee, activities to market defense material without a permit, and obstruction and interfering with computer material.”

Although the attempted $50 million sale was unsuccessful, the incident raises a number of questions about the internal security processes of NSO and other private cybersecurity firms whose products like Pegasus could have potentially disastrous and far-reaching consequences if they fall into the wrong hands.

Access to NSO Servers

According to a report from Israeli tech news platform CTech, the suspect was aware of the damage that could be caused by leaking Pegasus to non-government entities, but he went ahead with his plan to sell the top-secret malware because he was set to lose his job at NSO. He had violated company policy by connecting an external storage device to the company’s computers, after researching on the internet how to do so without being detected.

The company detected his actions and summoned him to a pre-termination hearing on April 29. Following the hearing, for an unspecified reason, he was permitted to return to his workstation where he connected a storage drive to the company server and downloaded the company’s source code along with additional information that could potentially be used to create a black market version of Pegasus.

His plan was to sell the code on the dark web for $50 million in untraceable anonymous crypto coins – Monero, Zcash and Verge, the indictment reveals – posing as a member of a hacker group that gained access to NSO servers. The proposed buyer, however, grew suspicious of the suspect’s claims and contacted NSO to inform them that their software was being touted online. Remarkably, until that point, NSO was not aware of the theft.

Following a complaint by NSO, the Israeli police cyber crimes unit arrested the programmer on May 6, and brought him up on a number of serious charges including “attempting to maliciously damage assets used by Israel’s security arms in a way that could jeopardize the country’s security.”

Following his indictment, NSO was at pains to point out that despite the theft, Pegasus has not found its way into the public domain, and no confidential information has been leaked.

A statement released to the press by NSO said in part:

“The company was able to quickly identify the breach, collect evidence, identify the perpetrator, and share its findings with the relevant authorities. The authorities, in turn, responded quickly and effectively, so that within a very short time the former employee was arrested and the stolen property was secured. No (intellectual property) or company materials have been shared with any 3rd party or otherwise leaked, and no customer data or information was compromised.”

Pegasus attained global notoriety after it was revealed that a number of governments around the world had used the malware to spy on activists. Pegasus remains uniquely attractive as malware because it is the only malware solution that combines complete surveillance of an iOS user’s actions with easy installation, reportedly installing itself via a simple SMS link.
