UPDATED 21:54 EST / APRIL 26 2020

SECURITY

Facebook claims NSO Group used US servers when hacking WhatsApp accounts

Facebook Inc. has alleged that Israeli spyware company NSO Group Technologies Ltd. hacked about 1,400 WhatsApp users using U.S. servers.

The claim came in a court filing Friday made in response to an attempt by NSO Group and its affiliate Q Cyber Technologies Ltd. to have the WhatsApp lawsuit dismissed. NSO claims that it has sovereign immunity from the lawsuit, filed in October, since it works hand-in-hand with foreign government intelligence agencies.

Facebook countered by saying that NSO and Q Cyber were liable under U.S. law because they had used servers based in the U.S. belonging to Amazon Web Services Inc. and a California data center company called QuadraNet to undertake their alleged hacking campaigns.

According to The Jerusalem Post, Facebook asserts that NSO had a contract with QuadraNet, using its server “more than 700 times during the attack to direct NSO’s malware to WhatsApp user devices in April and May 2019.” Along with providing IP addresses, Facebook said, NSO used a number of subdomains hosted on Amazon servers during the attacks.

The attacks are alleged to have targeted human rights defenders, journalists and other members of “civil society” across the world, including lawyers, diplomats and senior foreign government officials. Those targeted primarily resided in Bahrain, the United Arab Emirates and Mexico.

The hacking involved the use of Pegasus, a form of malware that allegedly contacts NSO command-and-control servers for instructions. Liability becomes murky because Pegasus is sold by NSO but not necessarily operated by it.

NSO Group once again denied the allegations. “Our products are used to stop terrorism, curb violent crime and save lives,” the company said. “NSO Group does not operate the Pegasus software for its clients, nor can it be used against U.S. mobile phone numbers, or against a device within the geographic bounds of the United States.”

The WhatsApp case is not the only scrutiny facing NSO Group. The U.S. Federal Bureau of Investigation is also said to be investigating the company to see if it was involved in hacking U.S. residents and companies.

Reuters reported in January that the FBI was also looking into whether NSO software was used in the hack of a phone belonging to Amazon.com Inc. Chief Executive Officer Jeff Bezos. That hack was linked to Saudi Crown Prince Mohammed bin Salman.

Photo: Christoph Scholz/Flickr
