Facebook sues NSO Group, the spyware developer

Attacks on WhatsApp users are the cause of the lawsuit. Facebook believes that the NSO Group has not just provided a software hacking solution, but also helped to implement it.

Facebook is suing NSO Group, the Israeli spyware developer, accusing it of aiding and abetting organizers of attacks on human rights champions and journalists.

The NSO Group's core activity is developing solutions to exploit zero-day vulnerabilities and selling them to government organizations. The company's visibility (which it did not welcome) came between 2016 and 2017 with the development of Pegasus and Chrysaor, iOS and Android hacking tools.

Since its foundation in 2010, the company has tried to keep out of the public limelight. However, after being labeled a "cyber weapons dealer" in the expert community, the NSO Group has made a public statement that the company seeks to help government organizations and intelligence agencies fight criminals and terrorists.

The lawsuit by Facebook calls into question the company's integrity and accuses it of helping some of its clients to exploit WhatsApp vulnerabilities. The vulnerability, which came to light in May 2019, allowed attackers to install a Pegasus spyware package on the victims’ smartphones. The attacks targeted human rights activists, journalists, dissidents, diplomats and officials. In total, over 1,400 users from Bahrain, the United Arab Emirates and Mexico have suffered from the cyber attacks, according to the plaintiff.

Facebook has collected evidence against the NSO Group for about six months and is ready to present it in court. Attacks on users' devices involved servers that link them to the Israeli company, and the social media intends to invoke the U.S. Computer Fraud and Abuse Act.

So far, the NSO Group’s reaction has been predictable – it has assured that the company only has legitimate business that complies with the UN laws and guidelines, and that all abuses of the Company's products are suppressed.