- NSO Group must pay almost $ 167.5 million in damage to WhatsApp
- 1,400 users were committed through a vulnerability of audio calls
- Goal wants to donate to digital rights organizations
NSO Group has been ordered to pay more than $ 167 million in punitive damage and almost half a million ($ 445,000) in compensatory damage to WhatsApp after a five -year legal battle.
The fines come from a 2019 piracy campaign that affects more than 1,400 WhatsApp users, with NSO using Pegasus Spyware to exploit a vulnerability of audio calls in the mobile application.
Among those affected were high profile individuals and public figures, such as journalists, activists and diplomats, with the Spyware of the Israeli cyber intelligence firm also capable of accessing electronic emails, texts, financial data, location data and remote camera and microphone activation.
The Israel NSO group will pay more than $ 167 million in damage to WhatsApp
“In a nutshell, Pegasus de NSO works to compromise the phones of people with spyware capable of accumulating information of any application installed on the device,” Meta explained in an ad.
Meta said Pegasus, when installed on an affected phone, has the ability to “accumulate information of any application installed on the device.”
Given the scope of Pegasus’s objective data, Meta has also confirmed that “WhatsApp was far from the sole objective of NSO.”
The technological giant did not appoint any other affected company, but it has admitted that dozens of millions of dollars spend annually to develop malware installation methods, which may include through instant messagers, browsers and operating systems, both iOS and Android.
NSO Group states that he sells his spyware only to governments, however, there are growing attacks against citizens who suggest that malicious actors have also been able to have the Spyware in their hands, whether they are affiliated with the government or otherwise.
“Pegasus is designed to be stealthy and evade forensic analysis, avoid the detection of antivirus software and can be deactivated and eliminated by operators,” the Citizen laboratory explained.
Even after six years, Meta has recognized that there could be a long way to go before the damage is paid, however, the company “would like to make a donation to digital rights organizations that are working to defend people against such attacks around the world” as a result of their success in court.
