Big Tech trains guns at NSO Group over privacy concerns

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.

Big Tech giants, such as Microsoft, Google, Cisco, VMWare, and the Internet Association, have decided to back Facebook in a major legal battle against the NSO Group over allegations that the latter exploited a critical vulnerability in WhatsApp to inject surveillance malware into users’ devices.

In October last year, Facebook filed a lawsuit against NSO Group in California, alleging that NSO Group “used WhatsApp servers, located in the United States and elsewhere, to send malware to approximately 1,400 mobile phones and devices” and that the firm developed their malware “in order to access messages and other communications after they were decrypted on Target Devices”.

In its complaint, Facebook alleged that NSO Group and its agents used WhatsApp servers and the WhatsApp Service to send discrete malware components to target devices after setting up various WhatsApp accounts and remote servers to conceal their involvement.

Using Facebook’s servers, NSO Group initiated calls that secretly injected malicious code into target devices and then executed the codes to create a connection between the hijacked devices and its remote server. Once a connection was established, NSO Group caused target devices to download and install additional malware, including Pegasus, for the purpose of accessing data and communications.

“Between approximately January 2018 and May 2019, Defendants created WhatsApp accounts that they used and caused to be used to send malicious code to Target Devices in April and May 2019. The accounts were created using telephone numbers registered in different counties, including Cyprus, Israel, Brazil, Indonesia, Sweden, and the Netherlands.

“Defendants reverse-engineered the WhatsApp app and developed a program to enable them to emulate legitimate WhatsApp network traffic in order to transmit malicious code—undetected—to Target Devices over WhatsApp servers. Defendants’ program was sophisticated, and built to exploit specific components of WhatsApp network protocols and code,” the complaint read.

Facebook further alleged that because of NSO Group’s covert activities that caused damage to its reputation and destroyed the goodwill between the company and its users,…