San Francisco, California — WhatsApp achieved a significant legal victory against NSO Group when a jury awarded the Meta-owned messaging platform over $167 million in damages. The ruling marks the conclusion of a protracted legal battle that began in October 2019, following WhatsApp’s allegations that NSO Group exploited a vulnerability in its audio-calling feature to hack the accounts of more than 1,400 users.
This landmark decision emerged from a trial that lasted a week and included testimonies from several key figures, including NSO Group’s CEO Yaron Shohat and WhatsApp employees involved in the investigation. The case disclosed troubling details about NSO Group’s operations, highlighting that the company had terminated contracts with 10 government clients due to misuse of its controversial Pegasus spyware.
During the trial, evidence revealed the mechanics of the zero-click attack, which required no user interaction. WhatsApp attorney Antonio Perez explained how the attack functioned: a fraudulent WhatsApp call would ultimately lead the target’s device to download the Pegasus spyware without their knowledge, using just the phone number of the victim. Tamir Gazneli, NSO’s vice president of research and development, acknowledged that any zero-click solution represented a significant advancement for the Pegasus software.
In previous claims, NSO Group insisted that its spyware could not target U.S. phone numbers. However, revelations surfaced during the trial indicating that the company did test Pegasus on an American number as part of a demonstration for the FBI in 2022. NSO’s lawyer later confirmed that this test represented a unique exception.
Shohat offered insights into how Pegasus operates, clarifying that the user interface provided to its government clients does not allow them to select specific hacking techniques. Instead, the backend system automatically determines the appropriate method to obtain intelligence from the identified target.
In a noteworthy coincidence, NSO Group’s headquarters in Herzliya, Israel, shares a building with Apple. This location is particularly ironic, given that NSO’s Pegasus spyware frequently targets iPhone users. NSO occupies the top five floors of the 14-story building, with Apple residing on the remaining floors.
Despite the ongoing litigation since the lawsuit was filed in November 2019, NSO reportedly continued its targeting of WhatsApp users. Gazneli admitted that a version of the zero-click attack, codenamed “Erised,” remained active until May 2020, alongside other versions known as “Eden” and “Heaven,” collectively referred to as “Hummingbird.”
The implications of this verdict extend far beyond just the financial penalty imposed on NSO Group, underscoring the growing scrutiny and accountability facing companies involved in the development of spyware technology. As digital privacy concerns continue to rise, this decision may serve as a wake-up call to those who operate in the shadows of the tech industry.
This article was automatically written by OpenAI, and the people, facts, circumstances, and story may be inaccurate. Any article can be requested to be removed, retracted, or corrected by writing an email to contact@publiclawlibrary.org.