Over the last few years, Facebook has had a slew of privacy and security blunders and more details about one of them have come to light through a new court filing as the social media company is suing the spyware company NSO Group.
Over the last few years, Facebook has had a slew of privacy and security blunders and more details about one of them have come to light through a new court filing as the social media company is suing the spyware company NSO Group. It turns out Facebook tried to buy controversial government spyware to monitor iPhone and iPad users.
Reported by Motherboard, when Facebook was starting to build its spyware cloaked in a VPN product, Onavo Protect for iOS and Android, the social media company reached out to the controversial company NSO Group that creates spyware for government agencies.
A declaration from NSO Group’s CEO, Shalev Hulio revealed that “two Facebook representatives approached NSO in October 2017 and asked to purchase the right to use certain capabilities of Pegasus.”
Further documentation in the lawsuit revealed that:
it seems the Facebook representatives were not interested in buying parts of Pegasus as a hacking tool to remotely break into phones, but more as a way to more effectively monitor phones of users who had already installed Onavo.
And in particular, Facebook thought Pegasus would give it an advantage in spying on iPhone and iPad users as Apple devices are more difficult to compromise than Android ones.
“The Facebook representatives stated that Facebook was concerned that its method for gathering user data through Onavo Protect was less effective on Apple devices than on Android devices,” the court filing reads. “The Facebook representatives also stated that Facebook wanted to use purported capabilities of Pegasus to monitor users on Apple devices and were willing to pay for the ability to monitor Onavo Protect users.”
NSO declined to sell Pegasus to Facebook, but it still built and launched Onavo without Pegasus as a spyware tool in early 2018 under the misleading pretense of being a VPN app.
Apple made Facebook remove Onavo Protect from the App Store in August of 2018.
Then in 2019 Facebook repackaged it as a “Research app” and tried to pay teens to sideload it on their devices.
The Research app was shut down as well and Facebook finally shutdown Onavo completely in February 2019.i