NSO Group says it monitors customers for abuses of its spyware.
Amazon has deactivated cloud computing accounts that belonged to NSO Group, a hacking tools company that reportedly used Amazon Web Services as part of spyware systems in turn used by governments to surveil phones. The removal came after reports by forensic investigators at Amnesty International that the Israeli company’s tools had been found on the phones of activists and journalists, and at times used AWS systems to operate.
Forensic researchers at Citizen Lab, which analyzes spyware at the University of Toronto, independently confirmed the hacking tools were operating on AWS’ CloudFront, a content delivery network product. Amnesty’s report says Amazon told its researchers in May that it had moved fast to get NSO Group’s activity off its systems.
In a statement, Amazon reiterated what it had told Amnesty. “When we learned of this activity, we acted quickly to shut down the relevant infrastructure and accounts,” the company said.
News of the removal of NSO’s products from AWS was reported earlier by Vice.
An NSO Group spokesperson said in a statement that the “claims are false.” The company subsequently clarified the statement, saying it referred to the claim that AWS had removed its accounts. Amazon didn’t immediately respond to a request for comment on NSO Group’s assertion that Amazon didn’t deactivate its AWS accounts.
NSO Group told The Washington Post that it would investigate the recent findings that its products had been used to spy on activists and journalists.
The cloud giant’s decision to end service to the hacking tools vendor comes the same year that AWS removed accountswhere right-wing extremists posted. posts from users who posted racist and sexist slurs, as well as calls to violence against lawmakers, Amazon facilities and Amazon founder Jeff Bezos. Parler sued Amazon twice over the move, and was favoring another customer, Twitter, by removing support for Parler.
The NSO Group removal comes as a group of news sites revealed extensive, analyzing a list of thousands of phone numbers, several of which Amnesty International researchers confirmed were hacked with NSO Group software by analyzing the phones directly. Among the reported targets were two women close to murdered Saudi journalist Jamal Khashoggi, according to The Washington Post, as well several journalists and activists in countries including India, Azerbaijan and Rwanda, according to Amnesty International.
NSO Group denies its software was involved in hacking the targets associated with Khashoggi, and called the news investigation into question. Among thousands of phone numbers investigated, 37 phones were analyzed. On those phones, “the reporters fail to prove a definitive link between the numbers and NSO,” an NSO Group spokesperson said.
Published at Mon, 19 Jul 2021 21:42:06 +0000
This post originally posted here https://www.cnet.com/news/amazon-kicks-nso-group-off-its-cloud-service-after-spying-reports/#ftag=CAD590a51e