HideTechdirt is off for Thanksgiving! We'll be back with our regular posts this weekend.
HideTechdirt is off for Thanksgiving! We'll be back with our regular posts this weekend.

Mexican Businessman Arrested For Using NSO Spyware To Target A Journalist

from the NSO's-long,-international-SEO-nightmare-continues dept

No news is the only good news for Israeli tech company NSO Group. The problem is it's impossible to generate no news when you can't go more than a few days without generating more bad news.

Since the leak of data showing its customers were targeting journalists, activists, religious leaders, and other government officials with powerful malware capable of intercepting cellphone communications, the headlines NSO has racked up range from bad to worse to nightmarish.

Multiple countries are now following up on investigations performed by entities like CitizenLab, performing investigations of their own to determine whether they've been breached by NSO's malware or if government customers have violated rights. The United States has effectively blacklisted the company, forbidding US government agencies from buying its products and US exploit developers from selling to NSO.

One country was host to a large percentage of the numbers on the leaked list of potential NSO Group malware targets: Mexico. 15,000 of the 50,000 phone numbers on the list were located in that country. Perhaps unsurprisingly, Mexico is home to the first arrest related to abuse of NSO spyware.

Mexican prosecutors said Monday they have arrested a businessman on charges he used the Pegasus spyware to spy on a journalist.

[...]

A federal official not authorized to be quoted by name said the suspect is Juan Carlos García Rivera, who has been linked to the company Proyectos y Diseños VME and Grupo KBH. He was detained on Nov. 1.

Mexico buys a lot of spyware from NSO. The AP report says the Mexican government spent $61 million on Pegasus licenses (NSO's most popular -- and most powerful -- phone exploit) from 2006 to 2018. That quote was given to the Associated Press in July. It has since been updated.

Last week, the government’s top anti-money laundering investigator said officials from the two previous administrations had spent about $300 million in government money to purchase spyware. But that figure may reflect all spyware and surveillance purchases, or may include yet-unidentified contracts.

Supposedly the Mexican government has kicked the spyware habit. Current president Andrés Manuel López Obrador was elected in 2018 and promised never to use exploits like these. It remains to be seen if that promise has been broken or will be broken in the future. According to the head of the government's Financial Intelligence Unit -- which monitors government financial transactions for evidence of corruption -- "no transactions" related to the purchase of spyware have been detected.

That's reassuring but not nearly as reassuring as a statement from a non-government entity would be, given the Mexican government's long, mostly unsuccessful, battle with internal corruption.

NSO has, of course, responded with another nonsensical non-denial of the facts at hand:

As stated in the past, NSO’s technologies are only sold to vetted and approved government entities, and cannot be operated by private companies or individuals. We regret to see that, over and over again, the company’s name is mentioned in the media in events that has nothing to do with NSO, directly or indirectly.

This certainly looks like the software was "operated" by a private individual. Maybe that first and pretty damn clear impression will change when more facts are in. Just because NSO forbids the use by private individuals doesn't mean private individuals with access to malware are somehow incapable of deploying it. And, just to be pedantic because NSO insists on pedantry, when issuing defensive statements, this report very definitely has something to do with NSO indirectly. Being angry about the endless stream of bad news doesn't make NSO right and everyone else wrong about it's at least tacit involvement with misuse of its products by its customers.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: journalism, malware, mexico, spyware, surveillance
Companies: nso group


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    David, 18 Nov 2021 @ 12:38pm

    Well...

    Current president Andrés Manuel López Obrador was elected in 2018 and promised never to use exploits like these.

    2018 is 3 years ago. An administration does not turn on a dime regarding how it operates. The first consequence of actual orders (rather than promises) is that the reported results are accompanied by less information about how they have been attained. If the president is serious about this, it creates a certain amount of friction for continuing operations as usual, producing a bit of evolutionary pressure for focusing on different criteria for picking new employees and different weights for choosing a modus operandi.

    So in other words: nice to hear. Not much more, but not less.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 18 Nov 2021 @ 3:41pm

    As stated in the past, NSO’s technologies are only sold to vetted and approved government entities, and cannot be operated by private companies or individuals.

    Um yeah. I don't think so.

    Unless they are claiming they have a technology better than any bio-metric system in existence (since it not only needs to validate who, but that they are a legitimate government agent... which would require knowledge of even which agents are government agents who the government doesn't want to acknowledge publicly), I dont think they can actually do this.

    I mean, after all the worlds leading DRM system now gets cracked in hours. Do they thing that can do something orders of magnitude more complex (DRM, but also validate that the human is in-fact a government agent) AND be impossible to crack?

    I think NSO would come off looking better if they just didn't say anything at all. Or maybe they like the taste of their own feet.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 18 Nov 2021 @ 5:25pm

    test

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 19 Nov 2021 @ 3:18pm

    Is it actually illegal to spy on other people??

    reply to this | link to this | view in chronology ]

    • identicon
      Rocky, 19 Nov 2021 @ 5:59pm

      Re:

      Yes, when you use intrusive methods like installing spyware on their phones and computers. Spying on someone by passively observing them isn't illegal in most cases.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 19 Nov 2021 @ 11:50pm

        Re: Re:

        Can you state precisely what the law that is being broken is called, and what its maximum penalty is currently?? Is there such a law as Invasion of Privacy?

        Aside: Do you mean that I can legally spy on my neighbors with binoculars and video cameras, since they're non-intrusive devices and are not specifically built as spyware??

        reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)

Follow Techdirt
Advertisment

Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.