WhatsApp has filed a case against the infamous spyware vendor NSO Group. According to WhatsApp, NSO was actively involved in hacking thousands of its accounts. In May of this year, a huge vulnerability was discovered in WhatsApp.
Attackers used a video call to hack the WhatsApp account!
Due to that vulnerability, the attacker could load spyware onto the victim’s phone through a victim call. This flaw worked even if the person declined the call. Citizen Lab, who discovered the vulnerability, said that journalists and human rights advocates were the main target. It is alleged that Israel-based NSO Group created Pegasus, spyware for the attack. After which it was sold to repressive governments around the world.
How is the NSO Group linked to the attack?
When the flaw was first revealed, NSO Group commented it just sold the software and wasn’t aware of how it is used. However, in a Washington Post opinion article published on 29th October, WhatsApp head Will Cathcart, says they have evidence that NSO Group’s had knowledge of the attack. Now, the company is suing NSO under the US. State and federal laws, including the US Computer Fraud and Abuse Act.
WhatsApp has linked servers and services used in the attack with NSO Group. They have strong evidence that Pegasus in the attack. According to WhatsApp, approximately 1400 devices were hacked using this spyware. Cathcart also said they linked servers and services used in the attack with NSO Group. Citizen Lab and WhatsApp were working together ever since the investigation to find the suspected.
NSO refused any participation in the attack
NSO gave an official comment in which they deny any allegation to party such crime or terrorism. The company also said that they would fight such cases vigorously. WhatsApp is taking NSO Group to court and asking for damages. We don’t know who will win, but a big settlement is sure up for grab for both sides.