by

NSO Denies Using WhatsApp to Infect Hundreds of Users With Surveillance Malware

WhatsApp and its parent company Facebook are suing Israeli surveillance company NSO, according to an op-ed published Tuesday by the Washington Post, which was authored by Whatsapp CEO Will Cathcart

Omer Kabir, Hagar Ravet, and Adi Pick 12:4430.10.19

Encrypted messaging app WhatsApp and its parent company Facebook are suing Israeli surveillance company NSO Group, according to an op-ed published Tuesday by the Washington Post, which was authored by Whatsapp CEO Will Cathcart.The two companies have filed a complaint to the Northern District of California Court, which was viewed by Calcalist. In it, the companies allege that NSO and its Luxembourg-based affiliate Q Cyber Technologies Ltd. used WhatsApp servers to deliver malware to approximately 1,400 devices, for the purpose of surveilling certain Whatsapp users.

The breach was first reported in May by the Financial Times.

NSO founders Omri Lavie (left) and Shalev Hulio. Photo: Bar Cohenצילום: בר כהן

In response to Calcalist’s request for comment, a spokesperson for NSO said Tuesday that the company “firmly rejects WhatsApp’s claims.” Back in May, an NSO spokesperson said in a statement that “under no circumstances would NSO be involved in the operating or identifying of targets of its technology.”

In his op-ed, Cathcart alleged that NSO secretly transmitted malicious code to WhatsApp users through what appeared to be a video call, and that users’ phones were infected with the malware whether or not they answered the call. The lawsuit alleged that NSO has used this technique to target journalists, human rights activists, political dissidents, lawyers, diplomats, and other foreign government officials in countries including Mexico, Bahrain, and the United Arab Emirates.

According to the lawsuit, NSO also targeted computer systems and networks located in the state of California, giving the California court jurisdiction to hear the case.