On May 6, WhatsApp scored a great victory over NSO Group When the jury ordered the notorious spyware maker to pay more than 167 million dollars as compensation to the company owned by the description.
The referee concluded a legal battle that extends for more than five years, which started in October 2019 when Whatsapp accused the NSO group From hacking more than 1,400 of its users by taking advantage of the vulnerability in the chat application Voice communication functions.
The ruling came after a week’s jury tried to have many certificates, including Yaron Shitat, CEO of the NSO group who responded and achieved in the accident.
Even before the trial began, the case discovered many revelation, including that NSO group She had cut 10 of her government agents To abuse the PEGASUS Spy programs, Sites 1223 victims From the spyware campaign, and the names of three customers of spyware manufacturers: Mexico, Saudi Arabia and Uzbekistan.
Read techcrunch more than 1000 pages of court texts of the trial sessions. We highlighted the most interesting facts and revelations below.
A new certificate described how WhatsApp was done
the Click an attackThis means that spyware did not require any interaction of the goal, “I worked by placing a fake phone phone and WhatsApp phone,” said WhatsApp Antonio Perez’s lawyer during the trial. The lawyer explained that the NSO group built what was called “WhatsApp”, a special device designed to send harmful messages via the WhatsApp infrastructure that mimics real messages.
“Once you receive, these messages will operate the user’s phone to reach a third server and download Pegasus Spy programs. The only thing they need to achieve this is the phone number,” Perez said.
NSO Group’s Vice President for Development and Development witnessed that Tamir Gazneli has witnessed that “any solution of a zero click is an important milestone for Bigasus.”
NSO has admitted that it continued to target WhatsApp users after filing the lawsuit
After the spyware attack, WhatsApp filed a lawsuit against NSO GROUP in November 2019.
Gazni said that “ERISED”, the symbolic name of one of the WhatsApp Zero-Click, was in use from late 2019 to May 2020. Other versions were called “Eden” and “Heaven”, and the three were collectively known as “The Bird”.
NSO confirms that she targeted an American phone number as a federal investigation office
Contact us
Do you have more information about NSO Group, or other spyware companies? From a non-work device and network, you can connect to Lorenzo Franceschi-bicchierai safe Email.
For years, NSO Group claimed that spyware against American phone numbers cannot be used, which means any cell number starts with the code of country +1.
In 2022, The New York Times reported for the first time The company “attacked” an American phone, but it was part of a federal investigation office test.
NSO Group Joe Akroterianakis confirmed that, “The individual exception” of PEGASUS is unable to target +1 numbers “was a specially composed version of Pegasus for use in the demonstration of potential US government customers.
Federal Bureau of Investigation According to what was reported, he chose Not publishing PEGASUS after testing it.
How to use NSO Pegasus government customers
NSO CEO Shitat explained that the PEGASUS user interface for its government agents does not provide an option to choose the method of penetration or technology that must be used in exchange for the goals they care about, “because customers do not care about the tragedy they use, as long as they get the intelligence they need.”
In other words, it is the PEGASUS system in the back interface that chooses piracy technology, known as the name ExploitTo use every time it targets individual spyware.
NSO says it hires hundreds of people
Shitat revealed small but noticeable details: NSO Group and its mother company, Q Cyber, a joint number of employees with a total of 350 and 380. About 50 of these employees work in Q Cyber.
NSO headquarters participates in the same building as Apple
Film coincidence, the NSO’s Group Headquarters In Harslia, a suburb of Tel Aviv in Israel, in the same building As AppleWho are also targeting iPhone customers frequently by PEGASUS Spy’s NSO software. Shthat said that NSO occupies the first five floors and occupies the Apple of the rest of the 14 -storey building.
“We share the same elevator when we go.”
The fact that the NSO group, which is announced publicly, is somewhat interesting on its own. Other companies that develop spyware or zero days such as Farston is based in Barcelonaany Closed in FebruaryHe was located in the joint work area while calling on its official website that it is located elsewhere.
Pegasus Spyware costs European clients millions
During their testimony, an employee of NSO Group revealed the extent of the company imposed on European customers to reach PEGASUS spyware between 2018 and 2020, saying that the “standard price” is $ 7 million, in addition to an additional million dollars or so for the “Covert carriers”.
These new details were included in the court document without the full context of the certificate, but it provides an idea of the amount of advanced spyware such as Pegasus can cost governments. Although it is not explicitly defined, “Coving” is likely to refer to the hidden techniques used to grow spyware on the target phone, such as a Click zero exploitationThe Pegasus operator does not need to interact with a message or click a link to get a penetration.
the The prices of spyware and zero days can vary depending on In several factors: The customer, given that some spyware makers receive more when selling to countries such as Saudi Arabia or the United Arab Emirates, for example; The number of simultaneous goals that the customer can spy at any specific time; Additional function features, such as zero click capabilities.
All of these factors can explain why the European customer pays $ 7 million in 2019, While it was said that the Kingdom of Saudi Arabia paid $ 55 million and Mexico paid $ 61 million For several years.
NSO describes a terrible financial case
During the trial, Shthat answered questions about the company’s financing, some of which were disclosed in pre -trial deposits. These details have been brought in relation to the extent of the damage that the spyware maker must pay to WhatsApp.
According to the NSO Group documents and documents, the espionage maker lost $ 9 million in 2023 and 12 million dollars in 2024. The company also had $ 8.8 million in its bank account starting in 2023 and $ 5.1 million in the bank as of 2024. At the present time, the company burns about $ 10 million every month, mostly on its salaries.
Also, it was revealed that Qyber has about $ 3.2 million in the bank in 2023 and 2024.
During the experiment, NSO unveiled the research and development unit – responsible for finding weaknesses in software and knowing how to use it – spent about $ 52 million in expenditures during 2023, and $ 59 million in 2024. Shitat also said that the NSO group customers are paying “somewhere between $ 3 million” and “ten times” to reach PEGASUS.
In these numbers, the spyware maker hoped to stay away from paying a little or non -existent.
“Frankly, I do not think we are able to pay anything. We are struggling to keep our head over the water,” said Shohat during his testimony. “We are committed to” Senior Financial officials “only to determine the priorities of expenses and ensure that we have enough money to meet our obligations, and it is clear that it is on a weekly basis.”
It was first published on May 10, 2025, and was updated with additional details.
https://techcrunch.com/wp-content/uploads/2018/12/whatsapp-toxic.jpg?resize=1200,675
Source link