21 July 2021

Response from NSO Group to the Pegasus Project


Forbidden Stories, a Paris-based journalism nonprofit, and Amnesty International had access to a list of phone numbers concentrated in countries known to surveil their citizens and also known to have been clients of NSO Group, an Israeli firm that is a leader in the field of spyware. The two nonprofits shared the information with The Post and 15 other news organizations worldwide that have worked collaboratively to conduct further analysis and reporting over several months. Forbidden Stories oversaw the Pegasus Project, and Amnesty International provided forensic analysis but had no editorial input.

The reporters of the Pegasus Project found that NSO’s Pegasus spyware, meant be to licensed to governments for tracking terrorists and criminals, was used in attempted and successful hacks of 37 smartphones belonging to journalists, human rights activists, business executives and the two women closest to murdered Saudi journalist Jamal Khashoggi.

Below are the responses from the company.

First response

NSO Group firmly denies false claims made in your report which many of them are uncorroborated theories that raise serious doubts about the reliability of your sources, as well as the basis of your story. Your sources have supplied you with information that has no factual basis, as evidenced by the lack of supporting documentation for many of the claims.

For example, you wrongly assert that NSO has operated the systems that it sells to vetted government customers, as well as to having access to the data of its customers’ targets. Additionally, you falsely claim that the Israeli Government monitors the use of our customers’ systems, which is the type of conspiracy theory that our critics peddle. When making such incendiary claims, readers would naturally expect you to provide some modicum of proof. Instead, it appears you are simply furthering the salacious narrative about NSO Group that has been strategically concocted by several closely aligned special interest groups.

Furthermore, as NSO has previously stated, our technology was not associated in any way with the heinous murder of Jamal Khashoggi. This includes listening, monitoring, tracking, or collecting information. We previously investigated this claim, immediately after the heinous murder, which again, is being made without validation. We also stand by our previous statements that our products, sold to vetted foreign governments, cannot be used to conduct cybersurveillance within the United States, and no customer has ever been granted technology that would enable them to access phones with U.S. numbers. It is technologically impossible and reaffirms the fact your sources claims have no merit.

Notwithstanding the above, NSO Group will continue to investigate all credible claims of misuse and take appropriate action based on the results of these investigations. This includes shutting down of a customers’ system, something NSO has proven it’s ability and willingness to do, due to confirmed misuse, done it multiple times in the past, and will not hesitate to do again if a situation warrants. This process is documented in NSO Group’s ‘Transparency and Responsibility Report,’ which was released last month. The fact is, NSO Group’s technologies have helped prevent terror attacks, gun violence, car explosions and suicide bombings. The technologies are also being used every day to break up pedophilia-, sex-, and drug-trafficking rings, locate missing and kidnapped children, locate survivors trapped under collapsed buildings, and protect airspace against disruptive penetration by dangerous drones. Simply put, NSO Group is on a life-saving mission, and the company will faithfully execute this mission undeterred, despite any and all continued attempts to discredit it on false grounds.

Second response

NSO Group reiterates its response sent to Forbidden Stories on July 14, including our statements as to the wrong assumptions and to the uncorroborated theories that raise serious doubts about the reliability of your sources.

It seems like your unidentified sources have supplied you with information that has no factual basis, as evidenced by some of your questions, which are far from reality.

As evident by your questions, NSO Group has good reason to believe that claims that you have been provided with, are based on misleading interpretation of leaked data from accessible and overt basic information, such as HLR Lookup services, which have no bearing on the list of the customers targets of Pegasus or any other NSO products. Such services are openly available to anyone, anywhere, and anytime, and are commonly used by governmental agencies for numerous purposes, as well as by private companies worldwide.

The alleged amount of “leaked data of more than 50,000 phone numbers”, cannot be a list of numbers targeted by governments using Pegasus, based on this exaggerated number.

These kinds of platforms were never used by or for NSO, are not a basis of “target lists” of Pegasus or any other product of the company and we are glad to see that you have retracted the allegation originally made by Forbidden Stories that the “research is based on thousands of numbers that were selected as targets by NSO’s Group clients”, yet we still do not see any correlation of these lists to anything related to use of NSO Group technologies.

As to your request to confirm the “existence of such data”, obviously we cannot do so, since even if they were customers data, we have no visibility nor access to them.

Additionally, we understand that there are allegations that target numbers were obtained from NSO’s servers. This is a ridiculous allegation since such data was never existing on our servers.

As we stated in the past, due to contractual and national security considerations, NSO cannot confirm or deny the identity of our government customers, as well as identity of customers of which we have shut down systems. In any case we suggest you to rely only on informed sources and not any unsubstantiated source. As such, we cannot respond to some of your direct questions related to these matters.

As to your other questions, NSO does not operate the systems that it sells to vetted government customers, and does not have access to the data of its customers’ targets.

NSO does not operate its technology, does not collect, nor poses nor have any access to any kind of data of its customers.

We vehemently deny the suggestions that the Israeli Government monitors the use of our customers’ systems, which is the type of conspiracy theory that our critics peddle.

Such claims are part of the salacious narrative about NSO Group that has been strategically concocted by several closely aligned special interest groups, among them your “anonymous officials” who say they ‘assume’ something is taking place.

As NSO has previously stated, our technology was not associated in any way with the heinous murder of Jamal Khashoggi. We can confirm that our technology was not used to listen, monitor, track, or collect information regarding him or his family members mentioned in your inquiry. We previously investigated this claim, which again, is being made without validation.



We also stand by our previous statements that our products, sold to vetted foreign governments, cannot be used to conduct cybersurveillance within the United States, and no foreign customer has ever been granted technology that would enable them to access phones with U.S. numbers. It is technologically impossible and reaffirms the fact that your sources claim have no merit.



Westbridge is part of the NSO group.


Regarding King & Spalding, as you stated correctly, they are our lead counsel in the Facebook litigation. NSO Group retains other top US counsels for various issues, mostly relating to NSO’s novel human rights and compliance programs. Additional information can be seen in our first Transparency and Responsibility Report.



Notwithstanding the above, NSO Group will continue to investigate all credible claims of misuse and take appropriate action based on the results of these investigations. This includes shutting down of a customers’ system, something NSO has proven its ability and willingness to do, due to confirmed misuse, has done multiple times in the past, and will not hesitate to do again if a situation warrants.


This process is documented in NSO Group’s ‘Transparency and Responsibility Report,’ which was released last month.



The fact is, NSO Group’s technologies have helped prevent terror attacks, gun violence, car explosions and suicide bombings. The technologies are also being used every day to break up pedophilia-, sex-, and drug-trafficking rings, locate missing and kidnapped children, locate survivors trapped under collapsed buildings, and protect airspace against disruptive penetration by dangerous drones. Simply put, NSO Group is on a life-saving mission, and the company will faithfully execute this mission undeterred, despite any and all continued attempts to discredit it on false grounds.


Regarding export licenses, NSO is subject to various export control regimes including the Israeli MOD, as similar to existing regulations in other democratic countries.


NSO is a subsidiary of Q Cyber Technologies.


Mr. [Shalev] Hulio referred to future strategic financial possibilities of the company including a possibility for an IPO, with possible organizational restructuring in every option. Mr Hulio clarified that in order to take this kind of strategic financial step, the company should hire a CEO with financial skills that will lead it to the next step. In any case, Mr. Hulio will remain involved in the company and will hold a senior position within it.

No comments: