NSO Offered 'Bags of Cash' to US Mobile Security Firm, Claims Whistle-Blower

Meanwhile, NSO said it had nothing to do with the mobile security company.

5 min read
Edited By :Tejas Harad

An executive at the NSO Group, the Israeli firm behind Pegasus spyware, offered a United States (US)-based mobile security company "bags of cash" in exchange for access to a global signalling network used to track individuals through their mobile phone, a whistle-blower has alleged, according to a complaint made to the US Department of Justice (DoJ), reported The Guardian.

Gary Miller, a former mobile security executive, made the allegation way back in 2017, and the same was disclosed to US congressman Ted Lieu and federal authorities. Lieu said he conducted his research on the claim and found it "highly disturbing."

Lieu then sent details of the allegation made by Miller in a letter to the Department of Justice.

"The privacy implications to Americans and national security implications to America of NSO Group accessing mobile operator signalling networks are vast and alarming," Lieu wrote in his letter.

The letter was also shared with The Guardian.


Governments around the world allegedly used NSO's Pegasus spyware to hack iPhones to target activists, journalists, and lawyers, among others.

India, too, had allegedly bought Pegasus from Israel in 2017 as a part of a $2 billion defence deal, New York Times had reported.

Pegasus is believed to have been used to snoop on at least 300 Indian phone numbers. The names of Rahul Gandhi, Prashant Kishor, Ashok Lavasa, and union ministers Prahlad Patel and Ashwini Vaishnaw were among those on the leaked list of potential targets, The Wire had reported.

Active Criminal Investigation Being Conducted Against NSO by US Department of Justice

According to The Guardian and its other media partners, an active criminal investigation against the surveillance company NSO is being conducted by the DoJ.

Four people familiar with the investigation claim the investigation focuses on the allegations of "unauthorised intrusions" into the mobile devices and networks.

Another person familiar with the criminal investigation claims the DoJ is also in contact with a company whose users were allegedly targeted by clients of NSO using Pegasus spyware.

NSO Wanted To Learn More About Mobileum's Access to Hundreds of Mobile Networks Worldwide

In 2017, Miller, the whistle-blower, was working with a company called Mobileum, which designed, developed, and sold software to protect the SS7 network.

The SS7 network is a global messaging system that mobile phone companies use for legitimate purposes. However, the same can be used to track the physical location of mobile users.

Miller was allegedly asked to lead a web voice call that was attended by Shalev Hulio and Omri Lavie, two of the NSO group's co-founders.

Miller said that the two NSO executives wanted to learn more about Mobileum's access to hundreds of mobile networks worldwide.

In addition, Miller alleged that the NSO co-founders wanted to discuss how getting access to the mobile networks would allow their company to "enhance the capabilities of their surveillance software."

"They stated explicitly that their product was designed for surveillance, and it was designed to surveil not the good guys but the bad guys," Miller said, according to The Guardian.

"They stated multiple times that their work was authorised by government agencies. They didn't get in the details of who those government agencies were," he added.

Miller alleged that as the meeting progressed, a member of the upper management at Mobileum asked the NSO what they believed was the "business model" of working with Mobileum since Mobileum didn't "sell access to the global signalling networks as a product."

According to Miller, Lavie allegedly responded with, "we drop bags of cash at your office."

Miller later made a written disclosure of the same to federal authorities. He said the meeting ended soon after.

A few months later, Miller said he submitted an anonymous tip to the Federal Bureau of Investigation (FBI), reporting some details of the conversation during the meeting. However, he said he did not hear back from the authorities.


'Nothing To Do With Mobile Security Company': NSO

Meanwhile, NSO said it had nothing to do with the mobile security company.

Lavie's spokesperson later told The Guardian:

"No business was undertaken with Mobileum. Mr Lavie has no recollection of using the phrase 'bags of cash' and believes he did not do so. However, if those words were used, they will have been entirely in jest."

A representative of Lavie also told The Guardian in an email that Lavie "strongly denies having suggested any action that was unethical or illegal."

An NSO spokesperson, in a statement to The Guardian, said:

"The company [has] never done any business with this company. We are not aware of any DoJ investigation. In addition, NSO does not do business using cash as a form of payment. Any suggestion otherwise demonstrates a profound lack of understanding about our company."

The Guardian also contacted Huilo for a comment. However, he did not respond.

Miller has since left Mobileum and is currently working as a mobile security researcher at Citizen Lab at the University of Toronto.

In June 2021, Miller had filed his whistle-blower complaint to authorities at the DoJ, the Securities and Exchange Commission, and the Federal Communications Commission. Months later, in December 2021, he had shared his account with Lieu.

There is no evidence if Mobileum ever had another meeting with NSO or gave them access to any mobile networks.

On being asked about the details of the meeting, Mobileum said in a statement:

"Mobileum does not have – and has never had – any business relationship with NSO Group."

"Mobileum takes the data privacy of its customers information very seriously and has implemented a robust cybersecurity program to prevent any breaches. Mobileum does not have any direct access to the customer's network and is unable to provide any kind of access, including SS7 access, to any third party," it added.

There also is no evidence if the DoJ is actively investigating Miller's allegations.


'Tested NSO's Hacking Tool, Didn't Use for Probe': FBI

Meanwhile, the FBI, on Wednesday, 2 February, acknowledged that it had acquired and tested a hacking tool made by the NSO group but added that it didn't use it for any investigation, reported Reuters.

"The FBI procured a limited license for product testing and evaluation only, there was no operational use in support of any investigation," an FBI spokesperson said in a statement.

The spokesperson also said that its licence was no longer active.

NSO has said that its technology is meant for catching terrorists, paedophiles, and hardened criminals.

NSO maintains it sells its products only to "vetted and legitimate" government clients and keeps its client list confidential.

Apple sued NSO in November 2021 for violating its user terms and services agreement.

The US Commerce Department had added NSO to a blacklist in 2021 and had restricted US companies from doing business with it due to human rights concerns.

(With inputs from The Guardian and Reuters.)

(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)

Edited By :Tejas Harad
Speaking truth to power requires allies like you.
Become a Member
Read More