Local Police Shop For Hacker Tools - ThreatWire
Added 2020-05-19 19:51:58 +0000 UTCAccording to brochures and emails obtained by Motherboard, the US branch of the surveillance vendor NSO Group, called Westbridge Technologies, tried to sell products to local US police jurisdictions. The brochure shows a surveillance tool called Phantom, which can siphon a mobile device’s emails, text messages, and contact list, track location, and enable the mic and camera. It was marketed towards the San Diego Police Department through a Westbridge employee over email. A former NSO employee claimed that this Phantom tool is the same as Pegasus, a known surveillance tool that has been sold to countries such as the United Arab Emirates, Mexico, and Saudi Arabia.
According to the SDPD public information officer Lieutenant Takeuchi, these kind of conversations happen routinely with potential vendors and this technology would “need to be utilized only after legal authority (search warrant) was obtained”. Westbridge has also attempted to sell it’s surveillance tools to the DEA, but at that time, the tools were too expensive.
Surveillance tools are common among government-affiliated vendors and agencies, and this wouldn’t be the first time an agency would have worked with a vendor to target mobile device security or privacy. The Justice Department has criticized Apple many times for not helping with technologies that could allow agencies to surveille, track, or unlock mobile phones belonging to suspected criminals. The most recent report of this came on Monday, when the FBI reported that they’d unlocked two different phones belonging to a man who killed several people during a shooting at the Naval Air Station Pensacola in Florida back in December. The FBI unlocked these on their own, but the Justice Department bashed Apple for not helping unlock the phones, with Attorney General William Barr criticizing tech companies for protecting encryption by not allowing for breaking said encryption to help with criminal investigations.
Tech companies have argued against Barr, stating that giving governments lawful access would also create a potential vulnerability that hackers could exploit. This is why many agencies turn to vendors who sell exploits allowing them to crack into devices for criminal investigations. Due to the Westbridge story, Senator Ron Wyden is now asking that congress look into hacking technologies that agencies have access to, saying that “government hacking is among the most invasive forms of surveillance”, adding that “these tools are ripe for abuse.” Wyden is calling on congress to conduct aggressive oversight of the tools permitted.
Links:
Support me on alternative platforms! https://snubsie.com/support
Shop ThreatWire Merch! - https://snubsie.com/shop
https://www.youtube.com/shannonmorse -- subscribe to my tech channel!
ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire
iPhone encryption:
https://www.cnet.com/news/fbi-slams-apple-problem-as-it-unlocks-pensacola-shooters-iphone/
https://www.vice.com/en_us/article/8899nz/nso-group-pitched-phone-hacking-tech-american-police
