Amazon kicks NSO Group activity off its cloud service after spying reports

From CNET: Amazon has deactivated cloud computing accounts that researchers have associated with NSO Group, a hacking tools company that reportedly used Amazon Web Services as part of spyware systems in turn used by governments to surveil phones. The removal came as a result of research by forensic investigators at Amnesty International, who discovered the Israeli company's Pegasus software on the phones of activists and journalists, at times using AWS systems to operate.

Forensic researchers at Citizen Lab, which analyzes spyware at the University of Toronto, independently confirmed Amnesty's discovery that the hacking tools were operating on AWS' CloudFront, a content delivery network product. Amnesty's report says Amazon told its researchers in May that it had moved fast to get the hacking activity off its systems.

The Pegasus spyware is capable of accessing and recording texts, videos, photos and web activity as well as passively recording and scraping passwords on a device, according to a New York Times report. The software is designed to work on iPhones and some Android phones.

In a statement, Amazon reiterated what it had told Amnesty. "When we learned of this activity, we acted quickly to shut down the relevant infrastructure and accounts," the company said.

News of the removal of NSO Group's activity from AWS was reported earlier by Vice.

View: Full Article