Facebook Wanted To Buy WhatsApp Spyware Maker To Tap Apple iPhones

In a fresh controversy related to Facebook and its privacy practices, the controversial Israel-based security company NSO Group has said in court documents that the social media giant had shown interest in buying the notorious Pegasus WhatsApp spyware.

According to the documents filed by NSO Group CEO Shalev Hulio, two Facebook representatives had approached the company in 2017 with an offer to buy exclusive rights for using certain features of Pegasus.

It is worth mentioning that Pegasus is the same spyware which was allegedly used to spy on a dozen users, including academics, lawyers, activists and journalists in India. The targeted surveillance on 121 users in India had taken place during the 2019 General Elections, which ran from April 11 to May 23 last year. The same spyware was also reportedly used to spy on Amazon founder and CEO Jeff Bezos.

The Onavo Project

While there has been no confirmation from the company about the acquisition interest, a Vice report shows that Facebook wanted to buy Pegasus due to certain drawbacks in its own data collection app, which was less effective in gathering data from Apple phones.

The data gathering software was a part of Onavo Project which the social media company reportedly used to gather information about other apps installed on the devices of Facebook app users. “The Facebook representatives stated that Facebook was concerned that its method for gathering user data through Onavo Protect was less effective on Apple devices than on Android devices,” the filings read.

Hulio also stated that the representatives also said that Facebook wanted to use purported capabilities of Pegasus to monitor users on Apple devices and was willing to pay for the ability to monitor users which have installed Onavo Protect VPN app.

As part of the deal, Facebook was ready to pay NSO a monthly fee for each Onavo Protect user. However, NSO said that it has refused the offer as it sells the software to government agencies only.

“Facebook is a private entity and not a sovereign government or government agency for national security and law enforcement purposes and therefore does not meet NSO’s customer criteria. NSO declined the sale and informed Facebook that NSO only licenses its Pegasus technology to governments,” the filing read.

It is worth noting that Facebook had finally stopped the Onavo Protect in May 2019 when Apple found that the VPN app violates its updated privacy policies. Apple has also alleged that Facebook had violated various policies related to customer data usage.

Facebook Denies Claims

On its part, Facebook said that rather than buying parts of Pegasus as a hacking tool, the company wanted to incorporate in with the Onavo Project to monitor the users participating in the programme.

A Facebook spokesperson said that NSO is trying to distract from the Pegasus snooping court case, filed by the company nearly six months ago. “Their attempt to avoid responsibility includes inaccurate representations about both their spyware and a discussion with people who work at Facebook,” the spokesperson added.

Facebook maintained that the lawsuit by the company blatantly shows how NSO is responsible for snooping over 100 human rights activists and journalists around the world. The spokesperson added that NSO has accepted the fact that Pegasus can attack devices without a user knowing about the hack.

Facebook is now looking to find more evidence to make its case stronger against NSO in court. On the other hand, NSO had said that the company is noting down the information listed in the official court documents.

Facebook had dragged NSO to the court for exploiting a vulnerability is its messaging platform WhatsApp which granted access of data of around 1400 individuals to the hackers. For this snooping, hackers had used the Pegasus spyware.

Note: We at Inc42 take our ethics very seriously. More information about it can be found here.