Transform Your Selfies into Fun Stickers with WhatsApp's New Feature!

NSO Lawyer Reveals Mexico, Saudi Arabia, and Uzbekistan as Spyware Clients in 2019 WhatsApp Hacking Scandal

The ongoing legal battle between Meta-owned WhatsApp and NSO Group has unveiled significant details regarding the involvement of several governments in a major hacking campaign. The 2019 hacking campaign targeted over 1,200 WhatsApp users with the notorious Pegasus spyware, and revelations from a recent hearing have implicated countries such as Mexico, Saudi Arabia, and Uzbekistan.

Details from the Hearing

During a hearing last Thursday, lawyer Joe Akrotirianakis from NSO Group identified Mexico, Saudi Arabia, and Uzbekistan as customers of the spyware, marking the first time the company has publicly acknowledged its clientele. This information emerged amid a lawsuit initiated by WhatsApp against NSO Group in 2019, claiming that approximately 1,400 users were compromised through a vulnerability in the app. The lawsuit highlights that among the victims, there were more than 100 individuals working as human rights activists, journalists, and members of civil society.

Victims of the Spyware Campaign

  • Human rights activists
  • Journalists
  • Members of civil society

Reports from Citizen Lab, a digital rights organization, played a crucial role in helping WhatsApp identify the victims of this hacking campaign.

Implications for NSO Group’s Customers

During the proceedings, Akrotirianakis hinted that there are at least eight customers whose details are part of the discovery process, although only three were named in court. Additionally, he indicated that a list of countries housing the 1,223 victims could also represent NSO Group’s clients. He stated, “Pegasus was licensed for territories and can only be used within those territories.”

List of Countries Involved

The countries identified as part of this list include:

  • Bahrain
  • India
  • Morocco
  • Spain
  • United Kingdom
  • United States
READ ALSO  Google Reignites Acquisition Talks for Wiz with Increased Valuation

Notably, Saudi Arabia was mentioned during the hearing but does not appear on the list of 51 countries reportedly involved.

Potential Misuse of the Spyware

Citizen Lab previously reported that NSO Group’s clients may have targeted individuals outside their territories. For instance, in 2017, there were indications that clients in Mexico could have aimed their efforts at individuals located in the United States.

WhatsApp’s Response and Future Proceedings

WhatsApp spokesperson Zade Alsawah expressed optimism about the trial, emphasizing the need to secure an injunction against NSO Group to safeguard user privacy. In a recent pre-trial order, the presiding judge acknowledged that while NSO Group had provided documents indicating at least four countries as its customers, the company had not officially confirmed these identities.

The judge noted, “The evidentiary record is opaque as to which of NSO’s clients were responsible for the attacks… and thus WhatsApp was unable to discover evidence regarding the screening procedures followed.”

Background of Pegasus Usage

For years, organizations like Amnesty International and Citizen Lab have documented instances of Pegasus being used to target journalists, dissidents, and human rights defenders in several countries, including Mexico, Hungary, and Spain.

As the legal proceedings continue, TechCrunch has reached out to the embassies of Mexico, Saudi Arabia, and Uzbekistan for comments and will provide updates as more information becomes available.

Similar Posts

Unveiling Potential Paragon Spyware Customers: Countries Under the Spotlight

Unveiling Potential Paragon Spyware Customers: Countries Under the Spotlight

Bysupport

Recent findings by The Citizen Lab have raised alarms about Israeli spyware maker Paragon Solutions, linked to governments in Australia, Canada, Cyprus, Denmark, Israel, and Singapore. A report details potential deployments of Paragon’s spyware, Graphite, which targets apps stealthily. WhatsApp previously notified users about possible Paragon spyware, igniting controversy. Despite Paragon’s claims of serving only democratic clients, its credibility is under scrutiny, especially following its acquisition by U.S. firm AE Industrial Partners. The report emphasizes the risks of commercial spyware misuse against civil society, highlighting the urgent need for accountability in the surveillance industry.

Data Breach Alert: DISA Reveals Hackers Compromised Personal Information of Over 3 Million Employees

Data Breach Alert: DISA Reveals Hackers Compromised Personal Information of Over 3 Million Employees

Bysupport

DISA Global Solutions has reported a data breach affecting over 3.3 million individuals, raising concerns for organizations relying on its employee screening services. The breach, confirmed on April 22, 2024, involved unauthorized access to DISA’s systems beginning February 9, 2024, remaining undetected for over two months. Compromised data includes Social Security numbers, financial information, and government-issued IDs. Over 360,000 residents from Massachusetts were affected. Despite an investigation, DISA could not determine the exact data accessed. The identity of the attackers is unknown, and DISA has not responded to inquiries regarding the incident. Affected individuals are advised to monitor their accounts for identity theft.

CISA Election Security Officials Placed on Leave: Key Insights and Implications

CISA Election Security Officials Placed on Leave: Key Insights and Implications

Bysupport

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is undergoing significant changes, with 17 members of its election security team placed on administrative leave amid a review. This has raised concerns about safeguarding election security ahead of the 2024 elections. The affected employees, including 10 regional security officials, played key roles in addressing cybersecurity threats like ransomware attacks. The agency’s future is uncertain following the departure of former director Jen Easterly and a lack of new leadership. CISA’s commitment to election security is now in question, prompting calls for transparency and updates on its actions.

Unlocking Secrets: Accessing Private GitHub Repos Through Copilot Despite Previous Exposure

Unlocking Secrets: Accessing Private GitHub Repos Through Copilot Despite Previous Exposure

Bysupport

Security researchers warn about the risks of data exposure on the internet, which can persist in generative AI chatbots like Microsoft Copilot. Findings from Israeli cybersecurity firm Lasso reveal that thousands of previously public GitHub repositories, including those from major companies, are at risk of exposure. Lasso discovered that even data from repositories set to private remains accessible through Copilot due to indexing by Bing. Over 20,000 repositories made public in 2024 were identified, affecting more than 16,000 organizations, including Amazon and Google. Despite notifying Microsoft, which deemed the issue low severity, Lasso emphasizes ongoing risks with exposed data.

Newly Discovered Android Vulnerabilities Exploited in Student Phone Hack: What You Need to Know

Newly Discovered Android Vulnerabilities Exploited in Student Phone Hack: What You Need to Know

Bysupport

Amnesty International has reported that Google has patched critical vulnerabilities in Android that previously allowed authorities to unlock devices using Cellebrite’s forensic tools. These zero-day vulnerabilities, discovered during an investigation into the hacking of a student protester’s phone in Serbia, affect over a billion Android devices. The collaboration between Amnesty and Google’s Threat Analysis Group led to the identification and fixing of these flaws. Amnesty emphasized the risks to digital privacy for activists and journalists, noting that unauthorized access to their devices undermines human rights. As a precaution, experts recommend that activists consider switching to iPhones due to ongoing security concerns.

Telr and Bank AlJazira Join Forces to Revolutionize Digital Payments in Saudi Arabia

Telr and Bank AlJazira Join Forces to Revolutionize Digital Payments in Saudi Arabia

Bysupport

Telr has partnered with Bank AlJazira to support Saudi Arabia’s Vision 2030 initiative, promoting a cashless economy. This collaboration aims to enhance transaction efficiency by offering merchants and customers faster payments, advanced fraud protection, and a seamless checkout experience. Key features include payment links, recurring payments, e-invoicing, and Buy Now, Pay Later options. Founded in 2014, Telr specializes in secure payment solutions across the Middle East, while Bank AlJazira provides a range of banking services in Saudi Arabia. This partnership is expected to boost e-commerce growth and customer trust in digital transactions, transforming the payment landscape in the Kingdom.

Leave a Reply

Your email address will not be published. Required fields are marked *