Got a tip? You can contact this reporter securely on Signal on +44 20 8133 5190, OTR chat on email@example.com, or email firstname.lastname@example.org.
A potential customer engaged the employee, who was now posing as a hacker that had penetrated NSO’s systems, but reported the attempted sale back to NSO. Then in collaboration with NSO, the customer asked the defendant for more details. Days later, police raided the employee’s apartment, the document adds.The indictment says that the defendant’s alleged actions have harmed the security of Israel, in part, because it could have “caused the collapse of NSO.”John Scott-Railton, a senior researcher also from Citizen Lab, told Motherboard in an online chat that "The concern about proliferation of spyware and exploit tech is not just about sales to paying customers, it's about the potential diversion and theft of the technology."The document says that, during the period relevant to the indictment, NSO employed around 500 workers and its market value was estimated at some $900 million. In May, Reuters reported that US surveillance giant Verint was in talks to buy NSO in a deal worth about $1 billion.Verint did not respond to a request for comment. Francisco Partners, the global equity firm which currently owns most of NSO, did not respond either."If I were an investor looking at NSO, this case would make me deeply concerned: how much liability would I be exposed to if leaked or stolen code/exploits are used by non-customers are part of an attack?" Scott-Railton added.Update: This piece has been updated to include additional comment.
That cache includes NSO’s product source code, “which allows exposure and a full understanding of how the system operates” and “cyber capabilities.”