WhatsApp Hack Targeted Politicians, Journalists and More, Facebook Sues Alleged Culprits

Social media giant Facebook filed suit in a California federal court October 29 against the Israeli surveillance firm, NSO Group, for allegedly hacking WhatsApp, a popular messaging application. In the lawsuit, Facebook accused NSO Group of sending malware to approximately 1,400 phones and devices.

According to the complaint, the malware was "designed to infect the Target Devices for the purpose of conducting surveillance of specific WhatsApp users." Since the NSO Group could not break the decryption built into WhatsApp's programming, the malware accessed "messages and other communications after they were decrypted on Target Devices."

WhatsApp's usage of end-to-end encryption means that the company has no access to communications made through the app, with each message bearing its own digital lock and key.

Users targeted by the NSO Group included "attorneys, journalists, human rights activists, political dissidents, diplomats, and other senior foreign government officials." Target users had WhatsApp numbers in Mexico, the Kingdom of Bahrain and the United Arab Emirates.

Believed to be known as Pegasus, the malware took advantage of a bug in the audio-calling feature of WhatsApp. When a device was called, Pegasus was installed, regardless of whether the phone was actually answered. Pegasus has been used as spyware, gaining information from calls, texts and audio.

cellphone, whatsapp, facebook, hacking
A WhatsApp hack allegedly perpetrated by an Israeli surveillance group affected at least 1.400 users. Getty

Facebook and WhatsApp have requested an injunction against the NSO Group, forbidding them to access or attempt to access Facebook or WhatsApp. It asks that the defendants also not be allowed to create or maintain WhatsApp or Facebook accounts.

WhatsApp was purchased by Facebook in 2014 for around $19 billion.

Will Cathcart, head of WhatsApp, said in an op-ed piece published by The Washington Post that the suit was filed against the NSO Group because "the attackers used servers and Internet-hosting services that were previously associated with NSO."

"In addition, as our complaint notes, we have tied certain WhatsApp accounts used during the attacks back to NSO," Cathcart continued. "While their attack was highly sophisticated, their attempts to cover their tracks were not entirely successful."

According to the NSO Group's website, the company "creates technology that helps government agencies prevent and investigate terrorism and crime to save thousands of lives around the globe."

"Our aspiration is to set the standard for transparency in the digital surveillance and communication interception sector," reads the NSO Group's transparency policy. "However, strict legal, contractual and commercial constraints limit our freedom to disclose specific information, including information regarding our customers and our products. Furthermore, as we have no knowledge of the actual use of our products by our customers, we cannot report on it."