Cyber Security

WhatsApp sues Israeli spyware firm NSO Group over hacking claims

Facebook Inc. has filed a lawsuit against Israel’s NSO Group, alleging the cybersecurity company’s spyware infected the phones of some users after it was delivered through the WhatsApp messaging platform.

WhatsApp accuses the company of sending malware to roughly 1,400 mobile phones for the purposes of surveillance. Users affected included journalists, human rights activists, political dissidents, and diplomats. NSO Group, which makes software for surveillance, has however disputed the allegations.

In a court filing, WhatsApp said NSO Group “developed their malware in order to access messages and other communications after they were decrypted on target devices”. It said NSO Group created various WhatsApp accounts and caused the malicious code to be transmitted over the WhatsApp servers in April and May.

“We believe this attack targeted at least 100 members of civil society, which is an unmistakable pattern of abuse,” WhatsApp said in a statement.

The affected users had numbers from several countries, including Bahrain, the United Arab Emirates and Mexico, according to the lawsuit. WhatsApp said it is seeking a permanent injunction banning NSO from using its service.

When the WhatsApp flaw was revealed, NSO Group said it wasn’t involved in the direct use of its software, and merely provided it to governments. But in a Washington Post opinion article published today, WhatsApp head Will Cathcart says the company has evidence of NSO Group’s direct involvement in the attack. “Now, we are seeking to hold NSO accountable under U.S. state and federal laws, including the US Computer Fraud and Abuse Act,” Cathcart writes.

The firm, which was acquired by Facebook in 2014, said it was the first time an encrypted messaging provider had taken legal action of this kind.

WhatsApp promotes itself as a “secure” communications app because messages are end-to-end encrypted. This means they should only be displayed in a legible form on the sender or recipient’s device.

In a related announcement, Citizen Lab said it has been working with WhatsApp since the attack to identify suspected targets.

“In the strongest possible terms, we dispute today’s allegations and will vigorously fight them,” NSO Group said in a statement. The company went on to say it takes action when one of its products is used for purposes other than fighting crime or terrorism.

Leave a Reply