Amazon takes infrastructure used by spy company NSO Group offline

Amazon Web Services has taken offline accounts and infrastructure used by Israeli private spy company NSO Group. The internet giant did so after it came to light that the Pegasus software had been used against journalists.

NSO Group used Amazon’s CloudFront to distribute its spyware. That was stated in the Amnesty International report, which revealed that the company’s espionage software is being used against journalists and a human rights lawyer. Amazon has taken NSO Group accounts and infrastructure offline in response, the company said in a statement to Vice.

According to Amnesty, the NSO Group has used CloudFront in recent months to distribute its spyware. Hacking attempts were made with at least 37 journalists and human rights activists. Citizen Lab, which conducted a peer review of the research, also confirms the use of CloudFront.

Amazon is now blocking NSO Group’s accounts because such actions go against the company’s terms. It does not mean that the spy company can no longer carry out its work, the NSO Group can use other content delivery networks for this. According to Amnesty’s report, the NSO also uses such services from Digital Ocean, OVH and Linode.

Amazon’s move is striking. Motherboard informed Amazon last year that the NSO Group has used Amazon infrastructure to distribute malware. As far as is known, Amazon did not do anything at the time and did not respond to a question whether the NSO would violate the company’s terms.

According to the NSO Group, the Pegasus spy software is intended to track down criminals and terrorists. The Israeli company provides its services and software to governments and intelligence agencies worldwide. The company claims to thoroughly check its customers’ human rights records before selling its spyware. NSO Group denies the claims made in the report.