November 15, 2024 at 05:09PM
Israeli firm NSO Group allegedly exploited WhatsApp vulnerabilities to deploy its Pegasus spyware, even after legal actions were initiated. Using various zero-day exploits like “Erised” and “Eden,” NSO’s clients could remotely infiltrate devices. Despite being sanctioned by the U.S., NSO claims limited responsibility for clients’ surveillance actions.
Here are the key takeaways from the meeting notes regarding NSO Group and its Pegasus spyware:
1. **Zero-Day Exploits**: NSO Group utilized multiple zero-day exploits, including a newly discovered one named “Erised,” to deploy Pegasus spyware through vulnerabilities in WhatsApp, even amidst ongoing lawsuits.
2. **Pegasus Spyware Capabilities**: The spyware, marketed as surveillance software for governments, allows clients extensive access to monitor and extract data from compromised devices.
3. **Exploits Developed**:
– An exploit named “Heaven” was created before April 2018, using a fake WhatsApp client to install Pegasus.
– After WhatsApp implemented security measures in 2018, NSO created a new exploit named “Eden,” used in attacks against around 1,400 devices by May 2019.
– Despite being blocked in May 2019, NSO allegedly developed the “Erised” installation vector, continuing attacks even after WhatsApp’s legal proceedings began.
4. **Admission of Wrongdoing**: NSO admitted in court to developing and selling spyware that infringed on WhatsApp’s terms of service, involving reverse-engineering of WhatsApp’s code.
5. **Client Involvement**: Clients of NSO could initiate surveillance operations by simply entering a target’s phone number, with the installation and data extraction conducted by NSO’s system—requiring no further technical input from clients.
6. **Targeted Attacks**: Key victims included political figures, journalists, diplomats, and U.S. government officials, demonstrating the extensive reach of Pegasus spyware.
7. **Regulatory Actions**: NSO faced sanctions from the U.S. government and a lawsuit from Apple for its role in hacking and spying activities.
8. **NSO’s Stance**: The company claims it is not responsible for its clients’ actions and asserts it does not access data retrieved during surveillance operations.
These points outline the serious implications of NSO Group’s practices and highlight ongoing legal and ethical concerns surrounding surveillance technology.