A disgruntled employee at NSO Group, an organization that develops ‘legal’ exploits for mobile devices, allegedly tried to sell the firm’s infamous “Pegasus” malware code for $50 million in cryptocurrency.
Israel-based NSO develops highly effective malware products to sell them to governments and law enforcement agencies that snoop or look to gain access to smartphones. While the firm only sells its tools to these specific buyers, one company allegedly stole the product to try and sell it to non-authorized parties for $50 million, Motherboard reports.
An indictment reveals that the capabilities of the malware “are estimated at hundreds of millions of US dollars”, underlining the danger of hacking tools or exploits falling into the wrong hands.
The indictment claims that the unnamed employee started working at NSO as a senior programmer last year, giving him access to the product and its source code. While the company’s policies and systems prevent employees from attaching external storage devices to siphon data, the employee reported discovered ways to disable those protections and steal a cache of data.
Managers had called the employee into a meeting shortly before this alleged theft to consider firing him, the document adds, leaving him disgruntled. The employee then allegedly stole the code and tried to sell it on the darknet for $50 million in cryptocurrencies such as Monero, Zcash and Verge – all anonymous coins. A potential buyer than alerted NSO to the theft who then worked with local law enforcement wherein the employee’s apartment was raided a few days later.
Pegasus became infamous a few years ago when it enabled its operator to gain access to an iPhone and steal endless amount of data. Apple eventually patched the exploit in iOS 9.3.5.
Image credit: Pexels.