Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

NSO Group entirely responsible for operating Pegasus spyware, not clients

New court documents in WhatsApp’s ongoing court battle against Israeli spyware maker reveal details of hacking operations.

user icon David Hollingworth
Fri, 15 Nov 2024
NSO Group entirely responsible for operating Pegasus spyware, not clients
expand image

Newly released and unredacted court documents have shed new light on the operations of Israeli spyware maker the NSO Group.

According to the unredacted depositions of several NSO Group employees filed overnight by WhatsApp as part of its ongoing litigation against the company, the NSO Group itself is responsible for operating its Pegasus spyware on behalf of its clients, not the clients themselves, as was previously thought.

According to Josh Shaner, a former employee of US-based NSO affiliate Westbridge, a customer “only needed to enter the target device’s number and ‘press Install, and Pegasus will install the agent on the device remotely without any engagement’.”

============
============

“The rest,” Shaner said, “is done automatically by the system”.

WhatsApp said in its filing: “In other words, the customer simply places an order for a target device’s data, and NSO controls every aspect of the data retrieval and delivery process through its design of Pegasus.”

Yaron Shohat, NSO’s CEO and chief operating officer at the time that Pegasus was used to infect the devices of 1,400 WhatsApp users in 2019, was also deposed. According to WhatsApp’s filing, he admitted “the actual process for installing Pegasus through WhatsApp was ‘a matter for NSO and the system to take care of, not a matter for customers to operate’.”

This new twist is the latest revelation in the ongoing court battle between WhatsApp and the NSO Group. In July, a set of leaked documents from the Israel Ministry of Justice revealed disturbing insights into the links between the Israeli government and spyware maker the NSO Group.

The leaked data revealed that the Israel Ministry of Justice seized the documents before they could be shared with the US court through the discovery process. The Justice Ministry also enacted a gag order to keep the seizure under wraps.

According to the website Forbidden Stories, the leaked documents show “that in 2020, NSO’s legal team believed that sensitive documents, such as its full customer list, including ‘US customers’, contracts, or even information related to ‘the Jeff Bezos hack or Khashoggi killing’ could be among the files that might fall under the discovery”.

Amnesty International’s Security Lab’s Donncha Ó Cearbhaill said at the time that the documents “call into question Israel’s commitment to impartially regulate NSO Group and cast doubt on its ability to provide justice, truth and reparation to those affected by Pegasus spyware.”

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.