WhatsApp claims spyware firm launched attacks with US servers

Facebook just escalated its lawsuit over surveillance firm NSO Group’s WhatsApp call exploit attacks. The WhatsApp team has filed accusations that NSO relied on US-based servers to stage its spyware attacks using Pegasus software. NSO reportedly used the Los Angeles hosting service QuadraNet “more than 700 times” to infect users with malware, while an Amazon server was also involved. If so, that would directly contradict NSO’s claims that it couldn’t run operations in the US, and support assertions that it’s a hacking service rather than just a software developer.

The Facebook legal team also sought to shoot down NSO’s beliefs that it’s out of jurisdiction and that it has immunity due to its government clientele. Lawyers noted that the company hadn’t named a specific country buying its surveillance offerings, or any other proof that it couldn’t be held responsible for what its clients did. It was trying to “cloak” itself in the immunity of its customers, attorneys said.

A spokesperson for NSO didn’t directly address the latest claims and instead repeated earlier remarks, saying that it “does not operate” Pegasus for customers, and that it can’t be used against devices or phone numbers inside the US.

Provided WhatsApp’s assertions prove true, NSO Group may be in trouble regardless of its defense. The involvement of US servers would improve the chances of the lawsuit moving forward, and challenge notions that it’s simply a bystander in the violation of users’ privacy and security.