In many cases, the NSO Group had designed its tools to impersonate those of the Red Cross, Facebook, Federal Express, CNN, Al Jazeera, Google and even the Pokemon Company to gain the trust of its targets, according to the researchers.研究人员称之为,很多情况下,NSO集团把自己的工具设计得像红十字会(Red Cross)、Facebook、联邦快递(Federal Express)、CNN、半岛电视台(Al Jazeera)、谷歌(Google),甚至宝可梦公司(Pokemon Company)的一样,以便提供目标的信任。“NSO Group was very professional, and very effective in staying silent,” said Mike Murray, a vice president at Lookout.“NSO集团十分专业,在保持沉默方面也十分有效地,”Lookout的副总裁迈克默里(Mike Murray)说道。In recent years, zero day flaws have been traded among hackers, brokers, companies like the NSO Group, and spy agencies and law enforcement networks eager for ways to break into devices.近年来,零日漏洞在黑客、中间商、NSO集团这样的公司,和急迫地想密码设备的间谍机构与执法人员网络之间交易。Flaws in Apple’s iOS software are sold at a premium. Last year, a similar zero-day exploit in Apple’s iOS software was sold to Zerodium, a Washington buyer and seller of zero-days, for $1 million.苹果iOS软件中的漏洞售价高昂。
去年,苹果iOS软件中一个类似于的零日漏洞被以100万美元(约合670万元人民币)的价格,卖给了华盛顿零日漏洞中间商Zerodium公司。Earlier this year, James Comey, the director of the Federal Bureau of Investigation, announced that his agency had paid hackers who found a way for the F.B.I. to crack into an iPhone used by one of the shooters in last year’s mass killings in San Bernardino, Calif. Neither the hackers nor the F.B.I. have told Apple how this was accomplished.今年早些时候,联邦调查局(Federal Bureau of Investigation,全称FBI)局长詹姆斯科米(James Comey)宣告,FBI向为其寻找密码一部iPhone的办法的黑客缴纳了报酬。那部iPhone的主人是去年加州圣贝纳迪诺大规模杀人事件中的枪手之一。
黑客和FBI皆并未告诉他苹果公司他们是怎么做的。Apple’s software update patches the NSO Group’s exploits, but it is unclear whether the company has patched the vulnerabilities used by the F.B.I. to crack into its iPhone. Apple recently began a “bug bounty” program to pay hackers who report vulnerabilities in its systems.苹果的软件改版修缮了被NSO集团利用的漏洞,但尚能不确切该公司否修缮了被FBI用来密码那部iPhone的漏洞。
最近,苹果启动了一个“漏洞奖励”计划,借钱让黑客报告其系统中的漏洞。Among the other NSO targets, besides Mr. Mansoor, were Rafael Cabrera, a Mexican journalist, who broke a story on conflicts of interest among Mexico’s ruling family. In several cases, NSO Group’s tools had been crafted to target users in Yemen, Turkey, Mozambique, Mexico, Kenya and the U.A.E.除曼苏尔外,NSO的其他目标还包括墨西哥记者拉斐尔卡布雷拉(Rafael Cabrera)。
他写出了一篇揭发墨西哥统治者家族中的利益冲突的报导。在几个案例中,NSO集团制作的工具被用来跟踪利比亚、土耳其、莫桑比克、墨西哥、肯尼亚和阿拉伯联合酋长国境内的用户。Zamir Dahbash, an NSO Group spokesman, said in an email, “The company sells only to authorized governmental agencies, and fully complies with strict export control laws and regulations.”NSO集团的发言人恰米尔达巴什(Zamir Dahbash)在电子邮件中回应,“本公司只面向取得许可的政府机构销售产品,并几乎遵从严苛的出口管控法律规定。
”Mr. Dahbash added that NSO Group does not operate any of its systems and requires that its customers use its products in a “lawful manner.” “Specifically,” he said, “the products may only be used for the prevention and investigation of crimes.”达巴什接着回应,NSO集团不操作者自己的任何系统,并且拒绝客户“合法”用于其产品。“具体来说,”他说道。“涉及产品仅有用作防治和调查犯罪。
”He would not say if the software is used by government agencies in the U.A.E. or Mexico.他没透漏阿拉伯联合酋长国或墨西哥的政府机构否用于了涉及软件。In 2014, NSO Group sold a majority stake to San Francisco-based private equity firm Francisco Partners Management LLC for $120 million. Francisco Partners declined to comment.2014年,NSO集团将多数股权作价1.2亿美元,卖给了总部设于旧金山的投资基金股权公司Francisco Partners Management LLC。后者拒绝接受置评。Mr. Mansoor said in an interview that the discoveries were a sad reminder that no matter what he does to protect his devices and digital security, he will continue to be a target for companies that provide this sort of spying technology.曼苏尔在拒绝接受专访时回应,这些找到令人遗憾,警告他留意,不管为维护自己的设备和数字安全性采行了何种措施,他仍然不会沦为获取这种间谍技术的公司的目标。
“I guess I am their regular customer,” he said. “I am the guinea pig.”“我猜中我是他们的老客户,”他说道。“我就是那个试验对象。”Bill Marczak, the researcher at Citizen Lab who has been helping Mr. Mansoor protect his digital security, said that the surveillance experienced by Mr. Mansoor is likely to expand.仍然在协助曼苏尔维护其数字安全性的“公民实验室”研究人员比尔马尔切克说道,曼苏尔经历的这种监控可能会不断扩大。
“The targeting of these activists and dissidents is a taste of what’s to come,” Mr. Marczak said. “What they’re facing today will be faced by ordinary users tomorrow.”“针对这些活动人士和异议人士人士的活动伴随着未来的发展趋势,”马尔恰克说道。“他们今天面对的情况,普通用户明天也不会遇上。
本文来源:半岛平台官网-www.hptonerdeal.com