Continue Reading Below
The sales pitch from NSO Group comes after it was unveiled earlier this year that the firm’s signature malware, known as Pegasus, was used to penetrate Facebook’s WhatsApp service.
Spy agencies and foreign governments have used the product for years to gather information from smartphones.
But now, NSO is marketing Pegasus as a tool to scrape data from the billions of individuals who use cloud services from the top U.S. tech firms, including location data, photos and messages, according to the Financial Times, which cited individuals familiar with the issue and company documents.
NSO denied the charges, telling the publication it does “not provide or market any type of hacking or mass-collection capabilities to any cloud applications, services or infrastructure.
NSO markets the software as a weapon, but says it only sells Pegasus to responsible governments as a way to protect against potential illicit activity and terrorist attacks. Uganda's government, for example, is one of the prospective clients pitched on the ability of Pegasus to "retrieve the keys that open cloud vaults," the FT reported.
But Pegasus is said to be used to track human rights activists around the globe, raising significant questions for the Silicon Valley giants who together oversee a treasure trove of user data.
To scrape the information, NSO reportedly copies authentication keys from already infected phones and impersonates that device on separate servers, avoiding the increasingly common two-step authentication process, according to the FT.
Security teams at the affected firms are said to be probing the technique.
Amazon says no customer accounts have been accessed by the software. Facebook is investigating the issue, while Microsoft urged customers to keep a “healthy device.”
Apple said it did not believe the software was “useful for widespread attacks against consumers” and Google declined to comment.