Israel’s NSO Group has come under scrutiny for its Pegasus commercial spyware product, with newly released court documents shedding light on the company’s involvement in the use of the tool by its customers. The documents, part of a legal dispute with Meta’s WhatsApp, reveal that NSO Group allegedly installed and operated the spyware on behalf of its customers, making the company directly responsible for its use.
WhatsApp lawyers have accused NSO Group of developing and using exploits to abuse WhatsApp’s servers and distribute Pegasus to target devices, even after being sued by WhatsApp. The court filings in the US District Court for the Northern District of California paint a picture of NSO Group being intimately involved in the operation and control of Pegasus, despite the company’s claims to the contrary.
According to WhatsApp’s lawyers, NSO Group customers had minimal involvement in how the spyware tool operated or collected information. Customers would simply provide a target phone number, press install, and wait for the malware to be installed on the target device, with NSO Group handling every aspect of the data retrieval and delivery process. The company allegedly went as far as disconnecting service to 10 customers for excessive abuse of the spyware.
NSO’s vice president of global communications, Gil Lainer, has disputed WhatsApp’s claims, stating that the system is operated solely by clients and that neither NSO nor its employees have access to the intelligence gathered by the system. Lainer expressed confidence that NSO’s position would be vindicated in court and reiterated the company’s commitment to defending itself against the allegations.
Pegasus, the controversial mobile spyware developed by NSO Group, is designed to secretly monitor and extract data from iOS and Android smartphones. Despite NSO Group’s claims that the tool is sold solely to authorized government agencies for legitimate purposes, critics have raised concerns about its misuse in authoritarian regimes to target journalists, human rights activists, and political dissidents.
A 2021 database leak revealed that NSO Group customers had targeted over 50,000 phone numbers for surveillance in countries like Mexico, Hungary, and India. As a result, the US government formally blacklisted the company in 2021, severely restricting its ability to operate in the US or engage in business with US entities abroad.
The ongoing legal battles faced by NSO Group include the lawsuit filed by WhatsApp, which alleges that the company deliberately circumvented mechanisms put in place to prevent misuse of the secure messaging platform. NSO Group allegedly developed tools to trigger Pegasus downloads on target phones via WhatsApp, even after WhatsApp had taken steps to block such activity.
The proliferation of commercial spyware vendors, driven by demand from government agencies, has raised concerns about the misuse of such tools for surveillance and espionage. A Google report identified vendors like NSO Group as being responsible for nearly half of all zero-day exploits counted between mid-2014 and December 2023.
As NSO Group continues to face legal challenges and scrutiny over the use of its Pegasus spyware, the outcomes of these cases will have far-reaching implications for the surveillance technology industry and the protection of privacy rights worldwide.