This article is more than 1 year old

NSO Group bloke charged with $50m theft of government malware

Alleged unethical behavior from a grey hat? Who'd a thunk it?

A former worker at NSO Group – the Israeli biz infamous for selling zero-day exploits to governments nice and nasty – has been charged with stealing his employer's spyware, and trying to sell it for $50m on the black market.

The 38-year-old former bod was reportedly told he was going to be fired by his bosses at NSO, and apparently decided on a novel form of golden parachute. Israel's State Attorney's Office claims he took software nasties and vulnerability information worth an estimated $90m and tried to sell it on the dark web for $50m in crypto-currencies.

"The accused committed these crimes out of greed, despite knowing, even if he shut his eyes from seeing it, that his crimes might damage state security and lead to the collapse of a firm employing 500 workers," the State Attorney's Office said, the Jerusalem Post reports.

Sad Android

Inside the ongoing fight to stamp out govt-grade Android spyware


However, he came a cropper when the apparent buyer of the hacking toolkits double crossed him, and informed NSO of the transaction. The company went to the cops, who raided the employee's home and found the missing data, reportedly under the suspect's mattress.

It appears that the surveillance-ware in question was NGO's flagship Apple-hacking software codenamed Pegasus. This exploited what were zero-day holes in iOS and OS X, until the code was identified by Canadian non-profit Citizen Lab and the flaws fixed by Apple. There's a similar package for Android named Chrysaor.

The employee has now been charged with alleged theft and damaging private assets in a manner that would jeopardize state security interests. It could be an interesting trial, if the proceedings are ever made public. ®

More about


Send us news

Other stories you might like