Meta, the company that owns WhatsApp, filed a lawsuit against NSO Group in 2019. The lawsuit claims that NSO took advantage of a vulnerability in WhatsApp to install the Pegasus spyware on certain user devices without their permission.
This means NSO exploited a flaw in WhatsApp to install spyware on specific phones without authorization.
As per the court document, Judge Hamilton has ordered NSO Group to reveal all spyware code related to the alleged attacks from April 2018 to May 2020 in response to WhatsApp’s lawsuit.
This contains detailed information about the spyware’s functions and signifies a major advancement in the ongoing legal dispute, as WhatsApp aims to acquire insights into the inner workings of Pegasus for defensive reasons.
Lawsuit Background
The case WhatsApp filed against NSO Group, in which the company is accused of targeting 1,400 users with the Pegasus malware, is gaining momentum.
In a recent ruling, the court rejected NSO Group’s efforts to evade responsibility by ordering the disclosure of pertinent documents and code.
Because it might reveal Pegasus’s technological capabilities and aid in legal action, this revelation might be crucial evidence for the people Pegasus targeted.
Additionally, Pegasus’s alleged abuse against political leaders is the focus of investigations in Spain and Poland.
This spyware’s technological abuse has been more understood and addressed thanks to these investigations and the developments in the WhatsApp case.
Count Response
WhatsApp has taken legal action against NSO Group, claiming that the latter’s Pegasus spyware infected 1,400 devices, including those of journalists, activists, and government officials, by using a WhatsApp vulnerability (CVE-2019-3568).
WhatsApp wants the NSO source code to figure out the vulnerability and maybe build a defense.
The court ignores NSO’s sovereign immunity claims and orders to disclose attack-related code while classifying client and server architectural specifics.
This is a massive victory for WhatsApp, but other companies in the spyware sector are still operational despite penalties and government pressure, and NSO is also facing litigation along these lines.
Despite the NSO’s assertions that it is solely intended for recognized nations, Pegasus has widely targeted human rights advocates and journalists.
To seek compensation, victims of Pegasus must first determine who is using it.
The decision of Judge Hamilton allows victims of the Pegasus spyware to take legal action by suing WhatsApp to uncover the identity of the malware’s deployer.
This decision aligns with WhatsApp’s values of user safety and discouraging bad actors from abusing the platform, which is why WhatsApp supports it.
A precedent for corporations to be held liable for aiding spyware assaults has been established by this decision.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.