NSO Group found responsible for hacking WhatsApp users

0
103
NSO Group found responsible for hacking WhatsApp user

A federal court has found Israeli spyware company NSO Group responsible for reverse engineering WhatsApp to install malware on the phones of more than 1,400 people around the world, including human rights activists, diplomats, lawyers and journalists.

NSO’s tools, commonly known as Pegasus, infiltrated phones by initiating a WhatsApp call to a targeted victim, who did not even need to answer the call for the exploit to install a package in the phone’s memory in one click, which then downloaded malware that allowed NSO and its clients to extract messages, location, photos, and other information from the device.

The company has served repressive regimes such as Israel and Saudi Arabia, which is alleged to be the reason it installed Pegasus spyware on Hanan Elatr’s phone months before the kidnapping and murder of her husband, journalist Jamal Khashoggi. Other victims include human rights activists in Mexico, U.S. diplomats in Uganda, and possibly Jeff Bezos.

WhatsApp filed a lawsuit against NSO Group in a federal district court in California in 2019, alleging that the spyware maker violated the federal Computer Fraud and Abuse Act, the California Comprehensive Computer Data Access and Fraud Act, and WhatsApp’s own terms of service.

On Friday, a federal judge granted WhatsApp’s motion for summary judgment, a major legal victory for NSO Group, which has so far avoided responsibility for its actions in other cases.

“This ruling is a huge victory for privacy,” Will Cathcart, WhatsApp CEO, wrote on his social media page X. “We spent five years presenting our case because we firmly believe that spyware companies cannot hide behind immunity or avoid responsibility for their illegal actions. Surveillance companies need to know that illegal spying will not be tolerated.”

Earlier this year, Apple dropped its lawsuit against NSO, saying it was unlikely to be able to access important files needed to continue its case against the spyware company and that the ongoing litigation threatened to expose more vulnerabilities in its technology. Victims of NSO hacking attacks have also tried to sue the company in U.S. courts in recent years, but judges have ruled that they have no jurisdiction over events that occurred abroad.

John Scott-Railton, a senior researcher at The Citizen Lab, a nonprofit organization that helped expose NSO’s Pegasus spyware, told BlueSky that Friday’s ruling was “a big loss for NSO. It’s a bad time for a spyware company. A landmark case. Huge consequences”.

NSO has been in financial difficulties since its hacking activities were exposed and it was blacklisted by the US government.

After the judge granted summary judgment, the WhatsApp case must now go to trial to determine what damages NSO will have to pay.

LEAVE A REPLY

Please enter your comment!
Please enter your name here