WhatsApp said to accuse Israel’s NSO Group of deep involvement in hacking op
WhatsApp has alleged in court documents in an ongoing legal
case that the controversial Israeli private intelligence firm NSO Group was
“deeply involved” in the hacking of 1,400 users’ phones, and had control over
US-based servers involved in the operation, according to a report Wednesday.
The messaging company refuted NSO Group’s attempts to
distance itself from the hacks.
The accounts targeted included those of senior government
officials, journalists, and human rights activists worldwide. The US lawsuit in
the case has been ongoing since October.
NSO Group’s flagship spyware, called Pegasus, allows agents
to effectively take control of a phone, surreptitiously controlling its cameras
and microphones from remote servers and vacuuming up personal data and
geolocations.
NSO Group has previously claimed that it only licenses its
software to governments for “fighting crime and terror” and that it
investigates credible allegations of misuse, but activists argue the technology
has been instead used for human rights abuses.
Earlier this month the company told the court that it was
not responsible for state actors’ use of its software and had no information on
the operation of the technology. But according to the Guardian, WhatsApp has
claimed that the servers used in hacking operations were controlled by NSO
Group and not by its government clients.
“NSO used a network of computers to monitor and update
Pegasus after it was implanted on users’ devices. These NSO-controlled
computers served as the nerve center through which NSO controlled its
customers’ operation and use of Pegasus,” the court filings state.
They add that NSO received “unauthorized access” to WhatsApp
servers and evaded the messaging service’s security features.
The Guardian quoted John Scott-Railton of Citizen Lab, who
has worked with WhatsApp on the case, as saying that because it controlled the
servers involved in the WhatsApp hack, NSO would have had access to logs,
including IP addresses, identifying the users who were being targeted.
“Whether or not NSO looks at those logs, who knows? But the
fact that it could be done is contrary to what they say,” Scott-Railton said.
NSO said in a statement: “Our products are used to stop
terrorism, curb violent crime, and save lives. NSO Group does not operate the
Pegasus software for its clients. Our past statements about our business, and
the extent of our interaction with our government intelligence and law
enforcement agency customers, are accurate.”
Earlier this month, The Times of Israel reported that NSO
Group was involved in the development of a contact tracing app to be used to
combat the spread of the coronavirus.
On March 30, Defense Minister Naftali Bennett announced in a
series of tweets that Israel had developed a sophisticated artificial
intelligence system, separate from the system currently in use by the Shin Bet,
to track the spread of coronavirus.
“In my opinion it is the most advanced in the world,” he
wrote.
Bennett also revealed that the system was a joint venture
between the Defense Ministry, the IDF’s 8200 intelligence unit and a private
high-tech company, whose name he did not specify.
But at a March 31 Knesset hearing of the Subcommittee for
Secret Services, MKs revealed that the company in question was in fact NSO
Group.
The Times of Israel report also noted that three of NSO
Group’s founders — Omri Lavie, Shalev Hulio and Isaac Zack — invest their
personal money through a firm known as the Founders’ Group that has invested in
the largely fraudulent binary options industry.
Comments
Post a Comment