WhatsApp Finally Opens Up About Pegasus Spyware, Provides Details

The entire world fuming over the Israeli Pegasus spyware breach, WhatsApp is narrowing down its investigation to find the culprit. According to the instant messaging app, the spyware attack was carried out by  Israel-based NSO Group, owned by Q Cyber Technologies.

After filing a case in the US Federal Court for violating the companies policies and compromising users’ privacy, WhatsApp said has come up with a detailed explanation of what had happened on its platform. Moreover, the Facebook-owned also alleged that it has proof against NSO Group.

“In our complaint, we explain how NSO carried out this attack, including acknowledgement from an NSO employee that our steps to remediate the attack were effective. We are seeking a permanent injunction banning NSO from using our service,” the company said.

WhatsApp added the attackers had used servers and internet-hosting services that were previously associated with NSO Group. Moreover, the company claims that it was able to track certain accounts, which were used to attack and spy, back to NSO.

WhatsApp also said that they “quickly added new protections” to the systems and issued an update to WhatsApp.

However, NSO has denied any involvement in the attack.

NSO Group develops and sells spyware technology to government clients only. It claims that all the exports are undertaken in accordance with Israeli government export laws and oversight mechanisms. However, it has been accused of targeting members of civil society often.

A cybersecurity lab at the University of Toronto, Citizen Lab, which volunteered to help WhatsApp, closely accessed NSO Group’s surveillance technology, in partnership with R3D, Privacy International, EFF, and Amnesty International. The team pointed out that among all the companies it tracks, NSO Group has recorded the most “reckless” abuse of its spyware by government clients.

WhatsApp and Citizen Lab reported that human rights defenders, activists and journalists were targeted by the Pegasus spyware. The spyware had targeted 43 countries, which also included in 121 individuals from India.

The Indian government has been pulling up WhatsApp in India for not informing them about the spyware, even though they were in talks since June, 2019. Amidst the crisis, the central government has also put WhatsApp’s upcoming digital payments platform, WhatsApp Payments, on hold.

However, WhatsApp has put the blame of the Indian government and called it out for using the Israel-based spyware to spy on its citizens. Moreover, the company defended that it had informed the government twice this year, i.e. in May and in September.

Note: We at Inc42 take our ethics very seriously. More information about it can be found here.