Here’s why Facebook is suing the NSO Group over the WhatsApp hack
- Facebook has filed a lawsuit in a US federal court against the Israeli hacker collective, the NSO Group.
- The social networking giant claims that the group used Pegasus, their flagship malware, to bug 1,400 users.
- NSO has not admitted to the act and plans to fight ‘vigorously’.
Everything sent on WhatsApp is meant to be encrypted. That means messages are only visible to users that are participating in the conversation and no one in between, including WhatsApp itself.
But in May this year, the NSO Group was able to get through. It didn’t target the encryption directly. Instead, it used a bug within WhatsApp’s software to plant malware — all it had to do was drop a missed call using WhatsApp’s voice call function.
So there was no user interaction and the only way that users could have protected themselves from the malware was by not having WhatsApp on their phones in the first place.
The malware allowed hackers to control phones remotely. They allegedly took advantage of the device’s microphones and cameras to collect data about the individual.
The social networking giant is claiming that the NSO Group — and its parent company Q Cyber Technology — violated the US Computer Fraud and Abuse act by using its flagship malware, Pegasus, on 1,400 WhatsApp users.
"It targeted at least 100 human rights defenders, journalists and other members of civil society across the world," Will Cathart, the head of WhatsApp, wrote in The Washington Post.
In the past, the NSO Group claimed no knowledge of the attack. After becoming aware of the case filed against them they issued a statement, in which they do not claim responsibility, but do vow to ‘vigorously’ fight them.
"Our technology is not designed or licensed for use against human rights activists and journalists. It has helped to save thousands of lives over recent years," said the company.
AdvertisementFacebook is looking to keep NSO from having further access to its platform and is seeking unspecified damages.
The lawsuit alleges that the malicious code was sent over WhatsApp servers between April 29 to May 10.
WhatsApp is using this case as an argument against weakening end-to-end encryption for government access. According to Cathart, the fact negative actors are looking to exploit the system in such a way is all the more reason to not have any ‘backdoors’ or security openings.
WhatsApp was hacked and attackers installed spyware on people's phones
The Israeli firm behind software used to hack WhatsApp boasted that it can scrape data from Amazon, Apple, Facebook, Google, and Microsoft cloud servers
AdvertisementMeet The Shadowy Security Firm From Israel Whose Technology Is At The Heart Of The Massive WhatsApp Hack
Popular on BI
- The worst for Indian startups is yet to come — be prepared for layoffs, unicorn slowdown and startup shutdowns in 2022
- Kellyanne Conway says her husband was 'cheating by tweeting' his disdain for former President Trump in her new memoir
- A SpaceX flight attendant said Elon Musk exposed himself and propositioned her for sex, documents show. The company paid $250,000 for her silence.
- What would happen to Twitter if Elon Musk backs out now?
- Researchers develop a virus that works even when iPhone is switched off
- Supreme Court of India extends time for submitting Pegasus probe report
- Chopper services launched in Goa for tourists, locals
- Both Ambuja Cements and ACC are bet worth investing with strong parent Adani