The Israeli security firm NSO Group, known for its Pegasus malware has been used to hack phones (about 50,000 phones were hacked as per the list revealed by journalists from 17 media houses) gets shunned by AWS (Amazon Web Sevices). The move comes after the group of media outlets published NSO’s malware and phone numbers for targeting by NSO’s government clients.
An AWS spokesperson told Motherboard “When we learned of this activity, we acted quickly to shut down relevant infrastructure and accounts”
Back in 2020, the United Nations experts called for an investigation after a forensic report claimed that one of the mobile hacking tools developed by the NSO Group was used to hack into the phone of Amazon found Jeff Bezos. In the same year, Amazon had also remained silent on NSO using its infrastructure. It did not respond to a request for comment asking if NSO had violated any of its terms of service.
Zack Whittaker, the security editor at TechCrunch took to Twitter stating that it’s no secret Amazon has known NSO for over a year.
As per Amnesty’s report, CloudFront infrastructure was used in n deployment of NSO’s malware against targets, including on the phone of a French human rights lawyer. The move to CloudFront also protects NSO somewhat from researchers or other third parties trying to unearth the company’s infrastructure
“NSO does not operate the systems that it sells to vetted government customers and does not have access to the data of its customers’ targets. NSO does not operate its technology, does not collect, nor possesses, nor has any access to any kind of data of its customers. Due to contractual and national security considerations, NSO cannot confirm or deny the identity of our government customers, as well as the identity of customers of which we have shut down systems.”, NSO said in a statement to The Guardian.