Facebook sues Israeli cybersecurity startup NSO Group over alleged hacking of WhatsApp

Israel cybersecurity startup NSO Group made headlines back in 2016 after its impossible-to-detect software, Pegasus, was used to hack Apple iPhone 6 running iOS version 9.3.4. We’ve written many articles about NSO over the past two years. Just last June, NSO reportedly used its spyware to spy on Apple, Google and Facebook cloud data; but the company denied the allegation. Now, the startup is under fire and being sued by social media giant Facebook over its alleged hacking of WhatsApp users earlier this year.

In the lawsuit filed Tuesday in federal court in California, Facebook alleges that NSO Group used WhatsApp servers to spread malware to 1,400 mobile phones in an attempt to target journalists, diplomats, human rights activists, senior government officials and other parties.

The complaint says the malware was unable to break the Facebook-owned app’s encryption, and instead infected customers’ phones, giving NSO access to messages after they were decrypted on the receiver’s device.

NSO is no stranger to allegations. In 2018, the startup was accused of placing spyware on the smartphone of murdered Saudi journalist Jamal Khashoggi, though the Israeli firm denies the accusations. According to a lawsuit filed by a friend of Khashoggi, NSO was accused of using its software to spy on the inner circle of Jamal Khashoggi just before his murder.  The company is also known for its Pegasus malware, which is used by intelligence agencies to obtain private data from people’s smartphones.

According to the lawsuit, Facebook said: “Between in and around April 2019 and May 2019, Defendants used WhatsApp servers, located in the United States and elsewhere, to send malware to approximately 1,400 mobile phones and devices (“Target Devices”). Defendants’ malware was designed to infect the Target Devices for the purpose of conducting surveillance of specific WhatsApp users (“Target Users”). Unable to break WhatsApp’s end-to-end encryption, Defendants developed their malware in order to access messages and other communications after they were decrypted on Target Devices. Defendants’ actions were not authorized by Plaintiffs and were in violation of WhatsApp’s Terms of Service. In May 2019, Plaintiffs detected and stopped Defendants’ unauthorized access and abuse of the WhatsApp Service and computers.”

Facebook is asking the court to deny NSO Group further access to Facebook’s services and systems and seeks unspecified damages.