Security Experts:

Connect with us

Hi, what are you looking for?



NSO Group: Israeli Firm Accused of Cyberespionage

Israeli spyware company NSO Group is accused by WhatsApp of cyberespionage targeting journalists, lawyers, human rights activists and others on the Facebook-owned messaging service.

– Pocket spy –

Israeli spyware company NSO Group is accused by WhatsApp of cyberespionage targeting journalists, lawyers, human rights activists and others on the Facebook-owned messaging service.

– Pocket spy –

Founded in 2010 by Israelis Shalev Hulio and Omri Lavie, NSO Group is based in the Israeli seaside hi-tech hub of Herzliya, near Tel Aviv. It says it employs 600 people in Israel and around the world.

It produces Pegasus, a highly invasive tool that can reportedly switch on a target’s cell phone camera and microphone and access data on it, effectively turning the phone into a pocket spy.

NSO Group’s annual report filed in February of 2019 listed Israel-based Q Cyber as the only active director and its majority shareholder, according to a lawsuit filed by WhatsApp.

– What’s up at WhatsApp –

WhatsApp on Tuesday sued NSO Group and Q cyber, accusing them of using the messaging service to conduct cyberespionage.

The suit filed in a California federal court contended that NSO Group tried to infect approximately 1,400 “target devices” with malicious software to steal valuable information from those using the messaging app.

Infecting smartphones or other gadgets being used for WhatsApp messages meant the content of messages encrypted during transmission could be accessed after they were unscrambled for recipients.

WhatsApp head Will Cathcart said the lawsuit was filed after an investigation showed the Israeli firm’s role in the cyberattack, despite its denials.

The complaint said the attackers “reverse-engineered the WhatsApp app and developed a program to enable them to emulate legitimate WhatsApp network traffic in order to transmit malicious code” to take over the devices.

– Khashoggi denial –

In an interview early this year with Israeli daily Maariv, Hulio was asked about reports that telephone spyware was used to bug Jamal Khashoggi prior to the Saudi journalist’s October 2018 murder in Istanbul.

“As a human being and as an Israeli, what happened to Khashoggi was a shocking murder,” the company’s CEO said.

“I can tell you on the record that Khashoggi was not targeted by any NSO product or technology, including listening, monitoring, location tracking and intelligence collection.”

– A hit in Mexico ? –

In Mexico, where investigative journalist Javier Valdez was shot dead on the street in broad daylight in 2017, prominent journalists and activists say the government of former president Enrique Pena Nieto targeted them using Pegasus.

The New York Times reported at the time that at least three Mexican federal agencies had purchased some $80 million of spyware from NSO Group since 2011.

In one case, international experts investigating the disappearance of 43 students in Mexico in 2014 were targeted with the spyware after it had been sold to the government, the experts said.

In 2016, Apple rushed out a security update after researchers said prominent Emirati rights activist Ahmed Mansoor was targeted by UAE authorities using Pegasus spyware.

The software has been pinpointed by independent experts as likely being used in a number of countries with poor human rights records.

– Court challenge –

NSO Group’s website says the company has “a pioneering approach to applying rigorous, ethical standards to everything we do.”

It says it has a vetting process on sales that combines licensing by Israeli export-control authorities with an internal review by a business ethics committee.

The firm has maintained that it only licenses its software to governments for “fighting crime and terror.”

UK-based rights group Amnesty International, however, said earlier this year that members and supporters in Israel petitioned the Tel Aviv district court against continued government export approval for NSO Group software.

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.