Revealed: Court Documents Expose Locations of WhatsApp Victims Targeted by NSO Spyware
The infamous NSO Group has been under fire for its controversial spyware, Pegasus, which was utilized to compromise the accounts of 1,223 WhatsApp users across 51 countries during a targeted hacking operation in 2019. A recent court document released in connection with the ongoing lawsuit filed by Meta-owned WhatsApp against NSO Group sheds light on the extensive reach of this malicious software.
Details of the 2019 Hacking Campaign
The court document, published on Friday, reveals that WhatsApp accused the NSO Group of exploiting a vulnerability within its platform to target a large number of users. This includes over 100 human rights activists, journalists, and various members of civil society. Initially, WhatsApp estimated that around 1,400 users were affected, but the new exhibit specifies that 1,223 individuals were indeed targeted.
Victim Distribution by Country
According to the report, the countries with the highest number of victims are as follows:
- Mexico: 456 victims
- India: 100 victims
- Bahrain: 82 victims
- Morocco: 69 victims
- Pakistan: 58 victims
- Indonesia: 54 victims
- Israel: 51 victims
Additionally, there were victims reported in several Western countries, including:
- Spain: 12 victims
- The Netherlands: 11 victims
- Hungary: 8 victims
- France: 7 victims
- United Kingdom: 2 victims
- United States: 1 victim
These findings provide a rare glimpse into the geographical distribution of NSO Group’s clientele and their targets. The information was first highlighted by the Israeli news outlet CTech.
The Scale of Surveillance
Cybersecurity expert Runa Sandvik emphasized that while many articles have reported on the usage of Pegasus, they often overlook the true extent of its reach. Many victims remain unaware they have been targeted, and the documented cases reflect only a fraction of the actual number.
Sandvik noted, “The list we see here — with 456 cases in Mexico alone, speaks volumes about the true scale of the spyware problem.”
Rapid Targeting in a Short Period
Remarkably, the hacking campaign unfolded over just two months, specifically from April to May 2019. During this brief window, NSO Group’s clients managed to compromise over a thousand WhatsApp accounts.
It’s crucial to mention that the presence of victims in certain countries does not necessarily indicate that those countries’ governments were directly involved. For instance, while Syria is listed among the victims, NSO Group is prohibited from exporting its technology to the country due to international sanctions.
Financial Implications for NSO Group
The sheer number of targeted individuals also provides insights into NSO Group’s lucrative business model. Companies like NSO Group adjust their pricing based on the scale of their operations. Reports indicate that Mexico alone spent over $60 million on NSO’s spyware, as cited in a New York Times article from 2023.
Legal Proceedings Against NSO Group
In a significant legal development, WhatsApp achieved a landmark victory when a judge ruled that NSO Group had violated U.S. hacking laws. The lawsuit is proceeding to the next phase, where a hearing will determine the financial penalties that NSO Group will face.
In addition to the victim list, the WhatsApp lawsuit has uncovered that NSO Group severed ties with 10 government clients due to reported misuse of the spyware. Furthermore, the cost for a one-year license for the WhatsApp hacking tool was revealed to be as high as $6.8 million, contributing to the company’s reported revenue of at least $31 million in 2019.
As the case unfolds, WhatsApp spokesperson Zade Alsawah declined to provide comments, while NSO Group has yet to respond to inquiries.
For further updates on this evolving situation, follow our TechCrunch coverage.
