Israeli firm spied on WhatsApp users via US servers: Facebook
What's the story
In a shocking development, Facebook has accused Israeli security firm NSO Group of using servers located in the US to launch a coordinated spyware attack on hundreds of users of WhatsApp, its main messaging service. The claim comes as the social network tries to escalate the lawsuit it filed last year accusing the firm of targeting the unsuspecting users. Here's more about it.
Recap
First, a quick recap of the hack
Back in May 2019, a security company discovered that a critical vulnerability in WhatsApp was being exploited by NSO Group's Pegasus spyware. It found that the malicious program was being injected by the way of WhatsApp calls - even if you didn't answer - to spy on private, end-to-end encrypted conversations of several users of the messaging service.
Targets
Journalists, human-right activists among some 1,400 targets
WhatsApp patched the vulnerability soon after the discovery but went on to investigate the matter, which revealed evidence showing the direct involvement of NSO Group in the attack. After gathering enough details, the company filed a lawsuit accusing the firm of using its spyware to target over 1,400 people, including diplomats, political dissidents, journalists, and government officials.
Quote
Attempt to cover tracks not entirely successful, WhatsApp head said
"We are seeking to hold NSO accountable under US state and federal laws, including the US Computer Fraud and Abuse Act," WhatsApp head, Will Cathcart, had said in October, adding, "Their attempts to cover their tracks were not entirely successful."
Details
US servers were used over 700 times
Now, adding more to the claims, WhatsApp has alleged that NSO Group used Los Angeles-based hosting service QuadraNet "more than 700 times" as well as an Amazon server to stage the attack and infect its users. However, it was not immediately clear if these hacks included those carried out against users in the US or those in other parts of the world, too.
Involvement
NSO has repeatedly denied involvement
NSO Group, on its part, has maintained that its tech is given to government intelligence and law enforcement agencies to help them fight terrorism, not for use against activists/journalists. Additionally, the firm has also argued that the case, filed in the federal court in Oakland, California, should be thrown out as it has no business of any kind in California.
Quote
NSO says Pegasus cannot be used against US numbers
"NSO Group does not operate the Pegasus software for its clients, nor can it be used against US mobile phone numbers, or against a device within the geographic bounds of the United States," a company representative said while refuting WhatsApp's latest allegations.
Possibilities
NSO could face major problems
If WhatsApp's allegations are proven true and the involvement of American servers is confirmed, the lawsuit could move forward, creating major problems for NSO Group. Notably, the messaging giant's attorneys have also argued that the firm has not named a single country as its customer and there is no evidence that suggests it cannot be held responsible for the actions of its clients.