1 Feb 2022
A whistleblower has alleged an exec at NSO Group offered a US mobile security Co. [Mobileum] cash for access to a global signalling network used to track individuals through their mobile phone, according to a complaint that was made to the DoJ
theguardian.com/news/2022/feb/…
A whistleblower has alleged an exec at NSO Group offered a US mobile security Co. [Mobileum] cash for access to a global signalling network used to track individuals through their mobile phone, according to a complaint that was made to the DoJ
theguardian.com/news/2022/feb/…
The allegation, which dates back to 2017 and was made by a former mobile security executive named Gary Miller, was disclosed to federal authorities and to the US congressman Ted Lieu, who said he conducted his own due diligence on the claim and found it “highly disturbing”.
Details of the allegation by Miller were then sent in a letter by Lieu to the DoJ
“The privacy implications to Americans and national security implications to America of NSO Group accessing mobile operator signalling networks are vast and alarming,” Lieu wrote in his letter.
“The privacy implications to Americans and national security implications to America of NSO Group accessing mobile operator signalling networks are vast and alarming,” Lieu wrote in his letter.
NSO is the subject of an active criminal investigation by the DoJ. The investigation, they claim, is focused on allegations of unauthorised intrusions into networks and mobile devices.
In 2017, Gary Miller – the whistleblower was working for Mobileum, which developed and sold software to protect the decades-old SS7 network, a global messaging system used for legitimate purposes by mobile phone Co's, but can also be used to track mobile users’ physical location
Miller was asked to lead a web voice call that he alleged in records provided to authorities was attended by NSO executives Shalev Hulio and Omri Lavie, two of the group’s co-founders.
NSO was interested in learning more about Mobileum’s access to hundreds of mobile networks around the world. Specifically the NSO executives wanted to discuss how gaining access to the mobile networks would allow NSO to “enhance the capabilities of their surveillance software”
As the meeting progressed, Miller alleged, a member of his own company’s leadership at Mobileum asked what NSO believed the “business model” was of working with Mobileum, since Mobileum did not sell access to the global signalling networks as a product.
According to Miller, and a written disclosure he later made to federal authorities, the response allegedly made by Lavie was “we drop bags of cash at your office”.
Miller said the meeting ended soon thereafter.
Miller said the meeting ended soon thereafter.
A few months later, Miller said he submitted an anonymous “tip” to the FBI in which he reported some details of the August 2017 conversation but did not hear back from authorities.
Lavie’s spokesperson said: “No business was undertaken with Mobileum. Mr Lavie has no recollection of using the phrase ‘bags of cash’, and believes he did not do so. However, if those words were used they will have been entirely in jest.”
Eran Gorev, who was a managing partner at Francisco Partners, that had an interest in NSO in August 2017, and Miller says attended the meeting, said he had not been involved in NSO for more than three years and had “no recollection” of ever meeting with or speaking with Mobileum
He said if such a meeting did take place, he would “absolutely never make a comment like this” and that if someone else did, “it would “clearly have been made in jest and a colloquial expression/cultural misunderstanding”.
Gorev also said that during the time he was “involved” with NSO, the company complied with all applicable laws with “strict oversight by the Israeli government” and had instituted a business ethics committee.
31 Jan 2022
Mobileum Receives a Strategic Investment from H.I.G. Technology Partners
Mobileum is a leading global software provider of mission-critical solutions that allow communications service providers to manage increasingly complex networks.
markets.businessinsider.com/news/stocks/mo…
Mobileum Receives a Strategic Investment from H.I.G. Technology Partners
Mobileum is a leading global software provider of mission-critical solutions that allow communications service providers to manage increasingly complex networks.
markets.businessinsider.com/news/stocks/mo…
Mobileum serves a blue-chip customer base, including 35 of 36 global Tier 1 telcos and 70% of Tier 2 telcos in over 190 countries.
Kirkland & Ellis served as legal advisor to HIG
Jefferies served as financial advisor
Kirkland & Ellis served as legal advisor to Mobileum
Kirkland & Ellis served as legal advisor to HIG
Jefferies served as financial advisor
Kirkland & Ellis served as legal advisor to Mobileum
Headquartered in Silicon Valley, Mobileum has global offices in Australia, Argentina, Belgium, Brazil, Egypt, Germany, Greece, India, Indonesia, Malaysia, Mexico, Portugal, Singapore, Spain United Arab Emirates, and the UK.
Bobby Srinivasan, CEO of Mobileum
Bobby Srinivasan, CEO of Mobileum
1 June 2015 Triangle Holdings (Luxembourg) General Meeting
Osy Holdings (Cayman) became major shareholder with 48,038,800 shares.
Note other shareholders names assoc w/NSO:
Omrie Lavie
Shalev Holy
Eddy Shalev
Eran Gorev
Alexei Voronovitsky
Osy Holdings (Cayman) became major shareholder with 48,038,800 shares.
Note other shareholders names assoc w/NSO:
Omrie Lavie
Shalev Holy
Eddy Shalev
Eran Gorev
Alexei Voronovitsky
https://twitter.com/mopeng/status/1399177834472509441?s=20&t=H_G8wfO2PHgUBJc4p5wvaw
16 Dec 2020
Israeli Rayzone Group appears to have had access to the global telco network via a telco in the Channel Islands in the first half of 2018, potentially enabling its clients to track locations of mobile phones across the world
H/T @mopeng
theguardian.com/world/2020/dec…
Israeli Rayzone Group appears to have had access to the global telco network via a telco in the Channel Islands in the first half of 2018, potentially enabling its clients to track locations of mobile phones across the world
H/T @mopeng
theguardian.com/world/2020/dec…
Invoices suggest Rayzone, a corporate spy agency that provides its government clients with “geolocation tools”, used an intermediary in 2018 to lease an access point into the telecoms network via Sure Guernsey, a mobile operator in the Channel Islands.
Access points, aka “global titles”, provide a route into a decades-old global messaging system known as SS7, which allows mobile operators to connect users around the world. It is not uncommon for mobile companies to lease out such access
[NSO same MO]
[NSO same MO]
https://twitter.com/nimkef/status/1489014589152968706?s=20&t=FmxyPlG_y5N4dk6u7rhpkQ
However, doing so potentially allows third parties to exploit signalling messages – commands that are sent through a telecoms operator across the global network, unbeknownst to a mobile phone user.
Used legitimately, such commands allow operators and others with access to the network to locate mobile phones, connect mobile phone users to one another, and assess roaming charges.
But entities with access to mobile phone networks are also known to use signalling messages for questionable purposes, such as monitoring locations for the purpose of surveillance or even intercepting communications.
Rayzone describes itself as providing “boutique intelligence-based solutions” for fighting terrorism and crime for national law enforcement agencies. It says its geolocation tools are for use by governmental authorities only.
Sure Guernsey said in a statement it leased access to global titles to a “small number” of specialist providers who provide “legitimate services” such as anti-fraud detection for banks and other services.
Telecoms networks in the Channel Islands fall outside the UK’s regulatory jurisdiction even though they use the same +44 country code.
Industry insiders who have access to sensitive communications information suggest private intelligence firms regard small mobile operators, often based on tiny islands in offshore jurisdictions, as weak spots to exploit in the telecoms network.
Spy companies regard telecoms firms in both Guernsey and Jersey as potentially soft routes into UK phone networks, said industry and security experts.
Sources say there is recent evidence of a steady stream of suspicious signalling messages directed via the Channel Islands to networks worldwide w/ 100's of messages routed via Sure Guernsey and Jersey Airtel, to phone networks in North America, Europe and Africa in August.
Gary Miller, a mobile security researcher at Exigent Media who has studied sensitive messaging signals, said he found evidence suggesting a US mobile phone user was closely tracked while on a trip to Bangladesh in August 2020.
[Gary Miller the Mobileum whistleblower?]
[Gary Miller the Mobileum whistleblower?]
Miller said the attack, which could pinpoint the person’s location or intercept comms, appeared to have been routed through Sure Guernsey. It is not known who directed the messages to be sent or if Sure Guernsey would have been aware of the alleged attack.
British officials have privately expressed concerns about security issues around the SS7 network, particularly in connection to the Channel Islands, and have said smaller mobile operators there have not plugged well-known vulnerabilities.
A Whitehall source described the SS7 protocol as “toxic, horrendous – yet one the world relies on”, adding “it can be abused to geolocate people” but is complex to make secure because “if you get it wrong, you disconnect yourself from the rest of the world”.
British telecoms regulators and the security services have almost no powers to enforce against operators in the Channel Islands, beyond what is described as a “nuclear option” to remove their access to the +44 UK country code.
Ron Wyden, the US Democratic senator from Oregon, said in a statement: “Access into US telephone networks is a privilege. Foreign telecom regulators need to police their domestic industry to ensure that SS7 access isn’t abused to spy on Americans”
• • •
Missing some Tweet in this thread? You can try to
force a refresh
