Facebook sues Israeli firm NSO over using WhatsApp to target human rights activists

"After the phone rang, the attacker secretly transmitted malicious code in an effort to infect the victim's phone with spyware."

The Facebook application is seen on a phone screen August 3, 2017.  (photo credit: THOMAS WHITE / REUTERS)
The Facebook application is seen on a phone screen August 3, 2017.
(photo credit: THOMAS WHITE / REUTERS)
Facebook Inc. and WhatsApp Inc. filed a complaint in a US federal court against NSO Group, an Israeli cyber surveillance company.
The move followed several months of internal investigation following the detection of “a new kind of cyberattack involving a vulnerability in [WhatsApp’s] video-calling feature,” Will Cathcart, head of WhatsApp, wrote in The Washington Post on Tuesday.
In the attack that took place between April and May 2019, NSO allegedly “used WhatsApp servers, located in the United States and elsewhere, to send malware to approximately 1,400 mobile phones and devices,” WhatsApp and Facebook said in their complaint.
According to Cathcart, the attack “targeted at least 100 human-rights defenders, journalists and other members of civil society across the world.”
“A user would receive what appeared to be a video call, but this was not a normal call,” Cathcart said. “After the phone rang, the attacker secretly transmitted malicious code in an effort to infect the victim’s phone with spyware. The person did not even have to answer the phone.”
"We repeatedly hear about the crimes committed by people in Israel and around the world, and Israeli cyberwarfare toward innocent civilians, human rights activists, lawyers, politicians, journalists, etc.," said Amnesty International Israel campaigner Chen Brill Agri. "We hope that the District Court will require the Defense Ministry to revoke the NSO security export license, and will not try to eliminate, contrary to any logic, the unprecedented coverage of the global danger posed by this lawlessness, by any means."
In mid-May 2019, The Guardian reported that a UK lawyer whose phone was targeted by spyware that exploited a WhatsApp vulnerability said it appeared as an attempt to covertly find out the details of his human rights work. The lawyer, according to the British paper, was involved in a civil case brought against the NSO Group.
After the hack was discovered by WhatsApp, NSO Group told BBC News that “the company does not operate the system, and after a rigorous licensing and vetting process, intelligence and law enforcement determine how to use the technology to support their public safety missions,” adding that the group investigates “any credible allegations of misuse and if necessary, we take action, including shutting down the system.”
NSO Group denied being involved in the hack itself, saying “under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies.” It added that “NSO would not or could not use its technology in its own right to target any person or organization.”
WhatsApp, however, believes that the cyber surveillance company was directly involved in the hack. According to Cathcart, WhatsApp “learned that the attackers used servers and internet-hosting services that were previously associated with NSO.” He also said that “as our complain notes, we have tied certain WhatsApp accounts used during the attacks back to NSO.”

Stay updated with the latest news!

Subscribe to The Jerusalem Post Newsletter


Cathcart added that WhatsApp believes that “people have a fundamental right to privacy and that no one else should have access to your private conversation, not even us,” referring to the app’s end-to-end encryption.
“Mobile phones provide us with great utility, but turned against us they can reveal our locations and our private messages, and record sensitive conversations we have with others,” he added.
Amnesty International Israel released a statement on the most recent NSO fallout, stating, "Although the company claims to be conducting a thorough investigation process before selling its products, this claim is lacking in detail, and given the number of attacks on innocent civilians using its products - the process has already proved itself as [all for show]."
The statement continued, "NSO Group sells its products to governments known for their appalling human rights violations, and gives them the tools to track human rights activists and their critics. The Israeli Defense Ministry ignored the accumulation of evidence linking the NSO group to attacks on human rights defenders and did not take any action against it."
NSO Group has already found itself at the center of international controversies connected to human rights violations, including the alleged involvement of its software, Pegasus, in assisting Saudi Arabia tracking down journalist and Saudi dissident Jamal Khashoggi, who was assassinated in Turkey in October 2018.
In 2016, Khashoggi was banned from publishing or appearing on television in Saudi Arabia “for criticizing US President-elect Donald Trump,” The Independent said in December 2016, citing a report from Middle East Eye. He fled the kingdom in June 2017, going into self-imposed exile in the United States. In September of the same year, the journalist began writing for The Washington Post.
According to the New York Times, Saudi Crown Prince, Mohammed Bin Salman told Saudi journalist Turki Albakhil that he would go after Khashoggi “with a bullet,” feeling that the journalist’s publications were tarnishing the image of the kingdom and its policies.
In May 2019, human rights group Amnesty International, alongside with other human rights activists from various NGOs, filed a lawsuit with the Tel Aviv District Court, hoping the court would be able to make the Defense Ministry revoke the Herzliya-based company’s export license over human rights violations, following the Khashoggi affair and the WhatsApp hack.
In September 2019, NSO Group announced that it would comply with UN standards for evaluating purchases that require the company to probe allegations of reported misuse, similar to those brought up by Amnesty International and other human rights groups against NSO over the role of its software in human rights violations.