In May 2019, WhatsApp alerted its users concerning an alleged compromise of the security of their apps. The message warned WhatsApp users of a sophisticated cyberattack that exploited several in-app vulnerabilities to surveil them. According to a new lawsuit, WhatsApp has identified NSO Group as the perpetrator of the cyberattack.
A disturbing pattern of attack
In the lawsuit filed on Wednesday 29, October 2019, WhatsApp said that it positively identified NSO Group as being behind the attack. Notably, the lawsuit explained that the process of the attack used servers that have a close relationship with NSO Group. Further, the lawsuit reads, “we have tied certain WhatsApp accounts used during the attacks back to NSO.” As much as NSO tried to cover its tracks, WhatsApp was able to smoke their activities out.
Notably, the lawsuit identified a pattern in the attack that it described as disturbing. Of the 1,400 victims of the attack, over 100 of them were journalists, civil society members, and defenders of human rights across the world. Particularly, the lawsuit mentioned Mexico, Bahrain, India, and the United Arab Emirates as the countries in which people were targeted. According to The Times of India, some Dalit activists in India might have been victims of the cyberattack. Curiously, the targeting of the Dalit activists happened while Indians were preparing to go the polls for the country’s General Elections.
NSO violated terms of service
According to a statement from WhatsApp, the company enlisted the help of the Citizen Lab of the University of Toronto’s Munk School to help them “learn more about the impact of this attack” on the victims. The information that the Citizen Lab provided offered more evidence to support NSO Group’s culpability.
Particularly, WhatsApp said that the attack targeted victims with an infected video call. Interestingly, the attacker could inject malicious scripts in the victims’ devices and apps even if they (the victims) did not pick the video calls. WhatsApp argued in the lawsuit that its terms of service prohibit companies to reverse engineer its code. Such activities could jeopardize the security of the app’s users. Incidentally, all WhatsApp users must agree to those terms before accessing the platform. On this basis, the NSO Group has a case to answer.