Five things we learned from the WhatsApp and NSO Group spyware lawsuit

WhatsApp scored a major victory over NSO Group on Tuesday when a jury ordered the infamous spyware maker to pay more than $167 million in damages to the Meta-owned company.

The ruling concludes a legal battle spanning more than five years that began in October 2019, when WhatsApp accused NSO Group of attacking more than 1,400 users by exploiting a vulnerability in the audio call feature of the chat app.

The verdict followed a week-long jury trial that featured testimony from several witnesses, including NSO Group CEO Yaron Shohat and the WhatsApp employees who responded to and investigated the incident.

Even before the trial began, several revelations were unearthed, including NSO Group cutting off 10 government clients for misuse of the Pegasus spyware, 1,223 locations of the spyware activity, and the names of three of the spyware maker's clients: Mexico, Saudi Arabia and Uzbekistan.

TechCrunch read the transcripts of the trial hearings and is highlighting the most interesting facts and revelations. We will update this post as we learn more from the 1,000+ page cache.

Testimony described how the WhatsApp attack worked

As WhatsApp's attorney Antonio Perez said during the trial, the zero-click attack, meaning the spyware required no interaction from the target, worked "by calling the target with a fake WhatsApp phone". The lawyer explained that NSO Group had built what is called the "WhatsApp installation server", a special machine designed to send malicious messages that mimic real messages in WhatsApp's infrastructure.

"Once received, these messages will trigger the user's phone to touch the third server and download the Pegasus spyware. The only thing they need is the phone number," Perez said.

"Any zero-click solution is an important milestone for Pegasus," testified Tamir Gazneli, vice president of R&D at NSO Group.

NSO Group confirms it targets U.S. phone numbers as a test for the FBI

For years, NSO Group claimed that its spyware could not be used against U.S. phone numbers, meaning any cell number starting with the +1 country code.

In 2022, the New York Times first reported that the company had "attacked" a U.S. phone, but that this was part of the FBI's testing.

NSO Group's attorney Joe Akrotirianakis confirmed this, saying the "single exception" to Pegasus being unable to target +1 numbers "is a specially configured version of Pegasus that can be used for demonstrations to potential U.S. government clients."

The FBI reportedly chose not to deploy Pegasus after testing.

How NSO Group's government customers use Pegasus

Shohat, CEO of NSO, explained that the user interface Pegasus provides for its government customers does not offer an option to choose which hacking method or technique to use against the targets they are interested in, because customers don't care about the vector used as long as they get the intelligence they need.

In other words, it is the Pegasus system in the backend that picks which hacking technique (called an exploit) is used each time the spyware targets an individual.

NSO Group's headquarters shares the same building as Apple

In an interesting coincidence, NSO Group's headquarters in Herzliya, a suburb of Tel Aviv, Israel, is in the same building as Apple, whose iPhone customers are also frequently targeted by NSO's Pegasus spyware. Shohat said NSO takes up the first five floors and Apple takes up the rest of the 14-story building.

The fact that NSO Group's headquarters is publicly advertised is interesting in itself. Other companies that develop spyware or zero-days, such as Barcelona-based Variston, which closed in February, were located in a co-working space while claiming on their official website to be located elsewhere.

NSO Group admits that it kept targeting WhatsApp users after the lawsuit was filed

WhatsApp filed a lawsuit against NSO Group in November 2019 after the spyware attack. Despite the active legal challenge, the spyware maker kept targeting the chat app's users, according to Tamir Gazneli, vice president of research and development at NSO Group.

"Erized," the code name for one of the WhatsApp zero-click vectors, was in use from the end of 2019 to May 2020, Gazneli said.