NSO Group former employee stole 0day worth 90 million

A former employee of the NSO Group, a company from Israel which manufactures and distributes 0day exploits to governments, is accused of having stolen a spyware from his employer and tried to sell 50 for millions of dollars in the black market.NSO Group

The former NSN Group 38 former employee was fired and apparently decided to think about his future. The Israeli State Attorney's Office alleges that it received information that it attempted to dispose of a $ 90 million worth of vulnerability and attempted to sell it on the Dark Web for $ 50 million in cryptocurrencies.

"The accused committed this crime out of greed, despite knowing that it could damage state security and lead to the collapse of a company with 500 employees," the Attorney General said, according to Jerusalem reports.

However, a buyer of hacking tools informed the NSO about the transaction and the company contacted the authorities immediately. So when the Police "visited" the house of the former employee, they discovered a lot of information.

The product in question was a vulnerability that was hacking on Apple products and was codenamed Pegasus. The vulnerability was 0day until it was discovered by the nonprofit company Citizen Lab of Canada, and was repaired by Apple.

There is a similar package for Android devices called Chrysaor.

The former employee is accused of stealing and destroying private assets in a way that jeopardizes state security interests. It could be an interesting trial if the process is ever publicized.

________________________________

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.098 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).