Amazon Web Services (AWS), Amazon’s cloud computing service, is dissociating itself from the Israeli company NSO Group. The latter is accused of providing “Pegasus” spyware to countries to hack the phones of many people, including journalists, activists, politicians, etc.
“When we learned of this activity, we acted quickly to shut down the infrastructure and affected accounts.“, a spokesperson for the American giant told the media Vice. In other words, the servers of NSO Group have been closed.
Using a CDN
It was Amnesty International and Citizen Lab, a research laboratory attached to the University of Toronto in Canada, who discovered in the course of their work that NSO Group was “extensively” using Amazon services to infect victims’ phones, in especially CloudFront. It is a CDN (content delivery network), that is to say a set of servers allowing to reduce the loading times of the content of web pages by reducing the physical distance between the server and the user.
NSO Group would also use OVH servers
For its activities, NSO Group would also rely on the infrastructure of the French OVH as well as that of the Americans Linode and Digital Ocean, according to Amnesty International. None of the three companies has yet reacted to the revelations of the consortium of journalists. The Digital Factory, who contacted the Roubaix company for details, has not yet received a response.