Security News

Facebook sues NSO Group for WhatsApp spyware attack

Posted on October 30th, 2019 by

 

Social media giant Facebook, owner of the WhatsApp messaging platform, has filed a lawsuit against NSO Group, an Israeli company that develops software for intelligence agencies. Back in May 2019, NSO Group’s Pegasus spyware was found to have spread to about 1,400 mobile devices via a remotely exploitable vulnerability in the iOS and Android versions of WhatsApp. Facebook’s suit alleges that NSO Group not only used WhatsApp to spread its Pegasus spyware, but that NSO Group also did so in a manner that deliberately targeted “attorneys, journalists, human rights activists, political dissidents, and other senior foreign government officials.”

It should be noted that although classified as spyware, Pegasus isn’t your garden-variety, consumer-targeted spyware that tracks your shopping habits to sell targeted ads. NSO Group is an Israeli cyber intelligence company that has licensed its software to various governments, nation-state entities, and law enforcement agencies. The company's software has been linked to hacking infamous drug lord El Chapo’s phone, leading the Mexican president to thank the company for its role in his capture. But on a darker note, in 2018 the New York Times linked NSO Group’s Pegasus software to the murder of journalist Jamal Khashoggi.

Facebook is seeking an injunction barring NSO Group and any affiliated parties from using WhatsApp or other Facebook services, and Facebook is also seeking monetary damages. As WhatsApp itself notes, “This is the first time that an encrypted messaging provider is taking legal action against a private entity that has carried out this type of attack against its users.”

Intego's Chief Security Analyst, Josh Long, noted that while the lawsuit implies that NSO Group was knowingly involved with the attack on WhatsApp users, for its part, NSO Group’s public statements have implied that some other party perpetrated the attack. “Given that NSO Group claims it only licenses its technologies to government entities in accordance with Israeli law, this implies that a nation-state attacker with ties to an Israel-friendly government may have been responsible for the attack,” Long said, while quickly noting that one cannot make hasty assumptions about attributing an attack: “It is also possible that a threat actor that is not necessarily friendly to Israel could have obtained access to NSO Group's Pegasus spyware by hacking either the NSO Group itself or any one of its clients.”

How can I learn more?

You can read more about Facebook’s lawsuit in this Digital Trends article.

This week on the Intego Mac Podcast episode 107, the Facebook vs. NSO Group lawsuit is among the topics we discuss, along with macOS Catalina’s “dialog fatigue” problem, and much more. Be sure to subscribe to make sure you never miss the latest episode.

Subscribe to our e-mail newsletter and keep an eye here on The Mac Security Blog for updates.

Also, follow Intego on your favorite social and media channels: Facebook, Instagram, Twitter, and YouTube (click the 🔔 to get notified about new videos).