Facebook struggles for the first time in court against Spy attack on its services. Facebook sued the Israeli company NSO, which has gained access to hundreds of smartphones via a WhatsApp vulnerability. WhatsApp is owned by the Facebook group since 2014.
In just under two weeks in April and May of this year, Israeli NSO attacked around 1,400 devices, Facebook mentioned in the complaint filed in California. Target individuals were journalists, lawyers, human rights activists, diplomats and government officials. They came from countries like Bahrain, Mexico and the United Arab Emirates.
Surveillance software to repressive governments
According to Facebook, NSO managed to distribute malicious software that enables extensive data tapping via WhatsApp calls. The program, which became known as Pegasus, installed itself on the devices even if the target individuals did not answer the call. It connected to Israeli company servers and provided access to contact information and message content on the devices, among other things. NSO then passed the captured data on to the company’s customers. The vulnerability existed in the WhatsApp apps for the mobile operating systems Android, iOS, Windows Phone and Tizen. Facebook claims to have had closed the vulnerability in May 2019. After months of investigation, NSO was identified as the originator of the attack.
NSO is commonly criticized for selling surveillance technology to repressive governments . For example, experts from the Israeli technology company have already been accused in 2016 of helping to spy on an activist in the United Arab Emirates. The spy software Pegasus is able to activate camera and microphone of the phones of targeted individuals. NSO rejected the allegations. The sole purpose of the company is to help intelligence services of governments and security agencies in the fight against terrorism and serious crimes, according to NSO. The NSO technology was not developed or approved for use against human rights activists and journalists.