Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Facebook tried to buy NSO Group's iOS spyware to monitor iPhone users [u]

Last updated

NSO Group, the team behind the 2019 WhatsApp spyware attack, says Facebook proposed buying "Pegasus" software to better keep tabs on iOS users' activity.

Notoriously controversial NSO Group have released court documents that show Facebook had attempted to purchase a powerful piece of spyware known as Pegasus. Using Pegasus, after a user clicked a seemingly innocuous link received through a message, the target device would be jailbroken, and malware would be loaded to monitor and steal data. The data is exported, giving users — or Facebook in this case — access to sensitive user data.

Data harvested includes all messages and photos, login information, plus data concerning the entire history of the phone's location.

Allegedly, NSO only sells its products to a "sovereign government or government agency." But, according to a declaration from NSO CEO Shalev Hulio, two Facebook representatives approached NSO in October 2017 and asked to purchase the right to use specific capabilities of Pegasus, reports Vice

Facebook was interested in buying Pegasus as they were concerned that their own data-gathering software seemed less effective on Apple devices. Facebook's software that was going to get the functionality, Onavo Protect, was billed as a piece of VPN software. Onavo was used primarily to gather information about what other apps Facebook users were using on their mobile devices.

"The Facebook representatives stated that Facebook was concerned that its method for gathering user data through Onavo Protect was less effective on Apple devices than on Android devices," the court filing reads. "The Facebook representatives also stated that Facebook wanted to use purported capabilities of Pegasus to monitor users on Apple devices and were willing to pay for the ability to monitor Onavo Protect users."

Facebook had allegedly proposed to pay NSO a monthly fee for each Onavo Protect user. However, NSO maintains that they refused the sale on the grounds that Facebook is a private entity.

Onavo Protect was eventually forced off the App Store in 2019 when Apple found the app in violation of newly implemented privacy policies. Specifically, the software ran afoul of data collection restrictions and parts of the iPhone maker's developer agreement covering customer data usage.

"NSO is trying to distract from the facts Facebook and WhatsApp filed in court nearly six months ago. Their attempt to avoid responsibility includes inaccurate representations about both their spyware and a discussion with people who work at Facebook," a Facebook spokesperson told AppleInsider. "Our lawsuit describes how NSO is responsible for attacking over 100 human rights activists and journalists around the world. NSO CEO Shalev Hulio has admitted his company can attack devices without a user knowing and he can see who has been targeted with Pegasus. We look forward to proving our case against NSO in court and seeking accountability for their actions."

Apple said Onavo Protect used data for purposes not directly related to app functionality or for serving up advertising to users.

Facebook is currently suing NSO for exploiting a VoIP-related vulnerability in WhatsApp that allowed Pegasus to install spyware on both iOS and Android handsets remotely.

In July, NSO made the news circuit for its government customers that its Pegasus malware could extract far more data about any given individual. As well as data on the person's smartphone, the claim is that the group can covertly retrieve all of the information that a person has stored on servers owned by Apple, Google, Microsoft, Facebook, and Amazon.

Updated April 4 8:10 A.M. Eastern time with a statement from Facebook



25 Comments

GG1 483 comments · 7 Years

Although I don't use FaceCrook, I'm sure they have info on me, possibly from Zoom or someone else. I am using the paid corporate version of Zoom - not sure if that helps.

StrangeDays 12980 comments · 8 Years

Of course they did. FB is spyware.

I have it for family and friends I keep in touch with...but I've noticed it runs very poorly -- the FB app burns very, very hot after just a minute or two of use. Makes you wonder what it's doing; the thing is basically a text & image browser over HTTP, so why so hot...

apple ][ 9225 comments · 13 Years

I am of course still not on Facebook and never have been.

I have had bad feelings and suspicions about their motives and practices ever since the beginning.

Screw those bastards.

What is wrong with that CEO by the way? Look at that haircut and that soulless expression. He looks like Data from TNG.

gatorguy 24627 comments · 13 Years

Of course they did. God FB is the malware of US corporations. 

It wasn't all that long ago that Apple and Facebook played the part of a tag-team with "deep Facebook integration" embedded with iOS6. As I recall from the time there were a number of AI members excited about it. Thank goodness for everyone here that it didn't take Apple too many years to wise-up and discontinue it, but it was an odd partnership from the beginning.https://techcrunch.com/2012/06/11/facebook-apple-wwdc/
https://forums.appleinsider.com/discussion/150426/facebook-ios-integration-to-be-announced-at-wwdc-report-says/p4

sflocal 6138 comments · 16 Years

If you're using Facebook, and complaining about their privacy ethics, then cancel your account and move on.  The constant bitching gets old.  Even if Facebook charged users $1/month for a guaranteed 100% privacy-enabled service, I would bet money that 99% of users would NOT use it.

Nothing is "free".  You're the product.  Get over it.  Damn...