WhatsApp is suing the world’s top hacking company

WhatsApp is suing the world’s top hacking company

WhatsApp is suing the Israeli hacking company NSO Group in US federal court, the head of WhatsApp, Will Cathcart, announced in the Washington Post today.

WhatsApp accuses NSO Group of exploiting a vulnerability to target approximately 1,400 phones and devices with “malware designed to infect with the purpose of conducting surveillance on specific WhatsApp users.” You can read the complaint here from WhatsApp, which is owned by Facebook.

The hack allowed NSO Group and its customers to spy on messages, emails, and phone calls, as well as the cameras and microphones of the devices in question.

“There was another disturbing pattern to the attack, as our lawsuit explains,” Cathcart wrote. “It targeted at least 100 human-rights defenders, journalists and other members of civil society across the world.”

Who: NSO Group, owned by the parent company Q Cyber Technologies, is an Israeli firm that’s become a world leader in building malware that targets mobile phones and devices. They operate around the world and with a wide variety of governments.

The list of publicly known customers and victims has made NSO infamous: Ahmed Mansoor, a human rights activist in the United Arab Emirates, is serving a ten-year prison sentence after NSO malware was reportedly used to repeatedly spy on him.

“NSO has previously denied any involvement in the [WhatsApp] attack,’” Cathcart wrote. “But our investigation found otherwise.”

The complaint centers on what WhatsApp lawyers say is NSO Group’s unauthorized access and use of WhatsApp servers in order to emulate legitimate network traffic and WhatsApp calls as part of the operations to infect targeted devices. Malicious code concealed within the calls was the infection.

Researchers at the University of Toronto’s Citizen Lab have investigated and reported on the "journalists, human rights activists and defenders, lawyers, international investigators, political opposition groups, and other members of civil society" they say have been targeted by NSO Group malware.

The company was recently sold to Novalpina Capital and has since publicly stated it would adhere to United Nations principles but Citizen Lab asserts the abuses have continued.

**What does it mean? **A tech giant suing NSO Group is a virtually unprecedented step that will test the hacking industry that has been expanding in recent years.

NSO Group did not respond to a request for comment.

Cathcart added that tech giants should join U.N. Special Rapporteur David Kaye’s recent call for an immediate moratorium on the sale, transfer, and use of surveillance tools like NSO Group malware.