Home / Security / Facebook sues Israeli surveillance vendor over WhatsApp zero-day

Facebook sues Israeli surveillance vendor over WhatsApp zero-day

WhatsApp

Facebook filed a lawsuit today in a US court against NSO Group, an Israeli company that sells spyware products. The social media giant claims that NSO Group has sold and had direct involvement in the deployment of a WhatsApp zero-day against more than 1,400 users.

The WhatsApp zero-day came to light in May this year. A Financial Times report claimed that NSO Group had developed an exploit that abused a feature in WhatsApp’s VoIP calling feature.

Targets would get a WhatsApp call, but specially crafted RTCP packets allowed an attacker to run malicious code that installed the NSO Group’s Pegasus spyware kit on targeted devices — regardless if they were using Android or iPhones.

At the time, Facebook deployed urgent updates to fix the vulnerability but did not issue any official statements, besides a simple advisory.

Facebook concludes investigation, files lawsuit

“Now, after months of investigation, we can say who was behind this attack,” Will Cathcart, Head of WhatsApp at Facebook, said today in an op-ed on the Washington Post.

“Today, we have filed a complaint in federal court that explains what happened and attributes the intrusion to an international technology company called NSO Group,” Cathcart added.

“As we gathered the information that we lay out in our complaint, we learned that the attackers used servers and Internet-hosting services that were previously associated with NSO.

“In addition, as our complaint notes, we have tied certain WhatsApp accounts used during the attacks back to NSO. While their attack was highly sophisticated, their attempts to cover their tracks were not entirely successful,” Cathcart said.

WhatsApp zero-day used against 1,400 devices

According to court documents, the attack targeted more than 1,400 devices belonging to attorneys, journalists, human rights activists, political dissidents, diplomats, and other senior foreign government officials.

Facebook said that based on country codes of the targeted WhatsApp numbers, the targeted users were located in the Kingdom of Bahrain, the United Arab Emirates, and Mexico.

In a FAQ page published on the WhatsApp website today, Facebook said it sent “a special WhatsApp message” to notify all device holders about the May attacks.

Facebook said the purpose of the lawsuit was to hold NSO accountable under US state and federal laws, including the Computer Fraud and Abuse Act (CFAA).

In the past, the company has stated many times that it only sells its hacking tools to customers, but cannot be held responsible for what they do with its code. However, the Facebook lawsuit wants to prove the opposite and link the company to an active hacking campaign.

After UN security experts called for a worldwide moratorium on the sale of surveillance software, NSO Group pledged in September to follow the UN’s human rights policy and fight against customers who use its tools to spy on innocents, political opponents, and journalists.

Answering to a request for comment from ZDNet, NSO Group provided the following statement on today’s lawsuit:

“In the strongest possible terms, we dispute today’s allegations and will vigorously fight them. The sole purpose of NSO is to provide technology to licensed government intelligence and law enforcement agencies to help them fight terrorism and serious crime. Our technology is not designed or licensed for use against human rights activists and journalists. It has helped to save thousands of lives over recent years.

“The truth is that strongly encrypted platforms are often used by pedophile rings, drug kingpins and terrorists to shield their criminal activity. Without sophisticated technologies, the law enforcement agencies meant to keep us all safe face insurmountable hurdles. NSO’s technologies provide proportionate, lawful solutions to this issue.

“We consider any other use of our products than to prevent serious crime and terrorism a misuse, which is contractually prohibited. We take action if we detect any misuse. This technology is rooted in the protection of human rights – including the right to life, security and bodily integrity – and that’s why we have sought alignment with the U.N. Guiding Principles on Business and Human Rights, to make sure our products are respecting all fundamental human rights.”


Source link

About admin

Check Also

US Treasury sanctions Russian research institute behind Triton malware

CNIIHM, Moscow Image: Google Maps The US Treasury Department announced sanctions today against a Russian ...

11 comments

  1. Magnificent goods from you, man. I’ve understand your stuff previous to and you are just too magnificent. I actually like what you have acquired here, really like what you are saying and the way in which you say it. You make it enjoyable and you still care for to keep it sensible. I can not wait to read far more from you. This is really a terrific web site.|

  2. I have read so many posts concerning the blogger lovers except this post is really a nice paragraph, keep it up.|

  3. Hey there, You’ve performed a fantastic job. I’ll certainly digg it and individually suggest to my friends. I am confident they’ll be benefited from this website.|

  4. Wow, superb blog layout! How long have you been blogging for? you made blogging look easy. The overall look of your web site is excellent, let alone the content!|

  5. Hello There. I discovered your weblog the use of msn. That is a really neatly written article. I’ll be sure to bookmark it and return to read more of your helpful info. Thanks for the post. I will certainly return.|

  6. Woah! I’m really enjoying the template/theme of this site. It’s simple, yet effective. A lot of times it’s tough to get that “perfect balance” between usability and visual appeal. I must say you have done a superb job with this. Additionally, the blog loads extremely fast for me on Opera. Exceptional Blog!|

  7. Howdy! Do you use Twitter? I’d like to follow you if that would be ok. I’m definitely enjoying your blog and look forward to new updates.|

  8. Wonderful article! This is the type of information that are meant to be shared across the net. Disgrace on Google for no longer positioning this publish upper! Come on over and discuss with my website . Thank you =)|

  9. I’m more than happy to find this great site. I want to to thank you for ones time just for this wonderful read!! I definitely savored every bit of it and I have you saved to fav to check out new information in your site.|

  10. I think this is among the most important info for me. And i am glad reading your article. But wanna remark on some general things, The website style is wonderful, the articles is really excellent : D. Good job, cheers|

Leave a Reply

Your email address will not be published. Required fields are marked *