Amazon Web Services Shuts Down NSO Group Servers Following Spy Case

Amazon Web Services (AWS), Amazon’s cloud computing service, is dissociating itself from the Israeli company NSO Group. The latter is accused of providing “Pegasus” spyware to countries to hack the phones of many people, including journalists, activists, politicians, etc.

When we learned of this activity, we acted quickly to shut down the infrastructure and affected accounts.“, a spokesperson for the American giant told the media Vice. In other words, the servers of NSO Group have been closed.

Using a CDN

It was Amnesty International and Citizen Lab, a research laboratory attached to the University of Toronto in Canada, who discovered in the course of their work that NSO Group was “extensively” using Amazon services to infect victims’ phones, in especially CloudFront. It is a CDN (content delivery network), that is to say a set of servers allowing to reduce the loading times of the content of web pages by reducing the physical distance between the server and the user.

Until now, Amazon had always remained silent on its ties to NSO Group even when Motherboard (Vice) had revealed in May 2020 that the Israeli company had used its infrastructure to spread malware. At that time, the American giant had not responded to a request for comment asking whether NSO Group had violated the terms of use.

NSO Group would also use OVH servers

For its activities, NSO Group would also rely on the infrastructure of the French OVH as well as that of the Americans Linode and Digital Ocean, according to Amnesty International. None of the three companies has yet reacted to the revelations of the consortium of journalists. The Digital Factory, who contacted the Roubaix company for details, has not yet received a response.

Back to top button