ProhostHub community

ProhostHub

WhatsApp Wins $167M Lawsuit Against NSO Over Spyware Attacks

Tech

WhatsApp Wins $167M Lawsuit Against NSO Over Spyware Attacks

4views
0

WhatsApp Defeats NSO Group in Landmark Spyware Lawsuit

In a major legal win for WhatsApp and its parent company Meta, a U.S. jury has awarded over $167 million in damages against NSO Group, the Israeli spyware company infamous for its Pegasus surveillance software. The ruling marks the end of a high-profile legal battle that began in 2019, when WhatsApp accused NSO of breaching its platform to target over 1,400 users via a zero-click vulnerability.

How the Pegasus Attack Worked

During the trial, WhatsApp’s legal team explained how NSO exploited the app’s voice-calling feature. The spyware could be installed simply by placing a call to the victim—even if they didn’t answer. The malicious payload would then reach out to an external server, downloading the Pegasus spyware onto the target’s device using only their phone number.

Tamir Gazneli, NSO’s Vice President of R&D, confirmed the use of a “WhatsApp Installation Server” designed to mimic legitimate messages, making the attack virtually undetectable.

NSO Targeted a U.S. Number in Test for the FBI

Despite claiming that Pegasus couldn’t be used on American phone numbers, NSO admitted to testing the spyware on a U.S.-based device at the request of the FBI. While the FBI eventually chose not to deploy the spyware, NSO’s attorney referred to the incident as a “demonstration” version of Pegasus, specially configured for U.S. government evaluation.

How Governments Use Pegasus

NSO CEO Yaron Shohat testified that Pegasus automatically selects which exploit method to use in each case, with clients—including governments from Mexico, Saudi Arabia, and Uzbekistan—having no say in the technique applied. This streamlined interface is designed to provide intelligence efficiently, without technical input from the operator.

Apple and NSO Share Office Space

In a surprising twist, it was revealed that NSO’s headquarters in Herzliya, Israel, shares a 14-story office building with Apple, whose devices have frequently been targeted by NSO’s spyware.

Continued Attacks Even After Lawsuit Filing

Even after WhatsApp filed the lawsuit in November 2019, NSO continued targeting its users. Gazneli admitted that the “Hummingbird” attack series, which included versions called Erised, Eden, and Heaven, remained active until at least May 2020.

Implications for Global Cybersecurity

The case has shed light on the secretive world of commercial surveillance tools. Beyond exposing NSO’s clients and internal operations, it raises critical questions about accountability and the legal limits of private spyware firms operating across borders.

The lawsuit represents a significant victory not only for WhatsApp, but for global efforts to curb invasive digital surveillance. The outcome may set a precedent for future actions against spyware manufacturers, especially those that target private citizens, journalists, and activists.

, , , , , , ,

Like it? Share with your friends!

0
Patricia Renee

Posted by

log in

Captcha!
Forgot password?

forgot password

Back to
log in