Latest news with #AntonioPerez
TechCrunch
13-05-2025
- Business
- TechCrunch
Seven things we learned from WhatsApp vs. NSO Group spyware lawsuit
On Tuesday, WhatsApp scored a major victory against NSO Group when a jury ordered the infamous spyware maker to pay more than $167 million in damages to the Meta-owned company. The ruling concluded a legal battle spanning more than five years, which started in October 2019 when WhatsApp accused NSO Group of hacking more than 1,400 of its users by taking advantage of a vulnerability in the chat app's audio-calling functionality. The verdict came after a week-long jury trial that featured several testimonies, including NSO Group's CEO Yaron Shohat and WhatsApp employees who responded and investigated the incident. Even before the trial began, the case had unearthed several revelations, including that NSO Group had cut off 10 of its government customers for abusing its Pegasus spyware, the locations of 1,223 of the victims of the spyware campaign, and the names of three of the spyware maker's customers: Mexico, Saudi Arabia, and Uzbekistan. TechCrunch read the transcripts of the trial's hearings and is highlighting the most interesting facts and revelations that came out. We will update this post as we learn more from the cache of more than 1,000 pages. Testimony described how the WhatsApp attack worked The zero-click attack, which means the spyware required no interaction from the target, 'worked by placing a fake WhatsApp phone call to the target,' as WhatsApp's lawyer Antonio Perez said during the trial. The lawyer explained that NSO Group had built what it called the 'WhatsApp Installation Server,' a special machine designed to send malicious messages across WhatsApp's infrastructure mimicking real messages. 'Once received, those messages would trigger the user's phone to reach out to a third server and download the Pegasus spyware. The only thing they needed to make this happen was the phone number,' said Perez. NSO Group's research and development vice president Tamir Gazneli testified that 'any zero-click solution whatsoever is a significant milestone for Pegasus.' NSO Group confirms it targeted an American phone number as a test for the FBI Contact Us Do you have more information about NSO Group, or other spyware companies? From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or Do you have more information about NSO Group, or other spyware companies? From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email . For years, NSO Group has claimed that its spyware cannot be used against American phone numbers, meaning any cell number that starts with the +1 country code. In 2022, The New York Times first reported that the company did 'attack' a U.S. phone but it was part of a test for the FBI. NSO Group's lawyer Joe Akrotirianakis confirmed this, saying the 'single exception' to Pegasus not being able to target +1 numbers 'was a specially configured version of Pegasus to be used in demonstration to potential U.S. government customers.' The FBI reportedly chose not to deploy Pegasus following its test. How NSO Group's government customers use Pegasus NSO's CEO Shohat explained that Pegasus' user interface for its government customers does not provide an option to choose which hacking method or technique to use against the targets they are interested in, 'because customers don't care which vector they use, as long as they get the intelligence they need.' In other words, it's the Pegasus system in the backend that picks out which hacking technology, known as an exploit, to use each time the spyware targets an individual. NSO Group's headquarters shares the same building as Apple In a funny coincidence, NSO Group's headquarters in Herzliya, a suburb of Tel Aviv in Israel, is in the same building as Apple, whose iPhone customers are also frequently targeted by NSO's Pegasus spyware. Shohat said NSO occupies the top five floors and Apple occupies the remainder of the 14-floor building. 'We share the same elevator when we go up,' Shohat said during testimony. The fact that NSO Group's headquarters are openly advertised is somewhat interesting on its own. Other companies that develop spyware or zero-days like the Barcelona-based Variston, which shuttered in February, was located in a co-working space while claiming on its official website to be located somewhere else. NSO Group admitted that it kept targeting WhatsApp users after the lawsuit was filed Following the spyware attack, WhatsApp filed its lawsuit against NSO Group in November 2019. Despite the active legal challenge, the spyware maker kept targeting the chat app's users, according to NSO Group's research and development vice president Tamir Gazneli. Gazneli said that 'Erised,' the codename for one of the versions of the WhatsApp zero-click vector, was in use from late-2019 up to May 2020. The other versions were called 'Eden' and 'Heaven,' and the three were collectively known as 'Hummingbird.' NSO says it employs hundreds of people NSO Group's CEO Yaron Shohat disclosed a small but notable detail: NSO Group and its parent company, Q Cyber, have a combined number of employees totalling between 350 and 380. Around 50 of these employees work for Q Cyber. NSO Group describes dire finances During the trial, Shohat answered questions about the company's finances, some of which were disclosed in depositions ahead of the trial. These details were brought up in connection with how much in damages the spyware maker should pay to WhatsApp. According to Shohat and documents provided by NSO Group, the spyware maker lost $9 million in 2023 and $12 million in 2024. The company also revealed it had $8.8 million in its bank account as of 2023, and $5.1 million in the bank as of 2024. Nowadays, the company burns through around $10 million each month, mostly to cover the salaries of its employees. Also, it was revealed that Q Cyber had around $3.2 million in the bank both in 2023 and 2024. During the trial, NSO revealed its research and development unit — responsible for finding vulnerabilities in software and figuring out how to exploit them — made up the majority of a $52 million budget. Shohat also said that NSO Group's customers pay 'somewhere in the range' between $3 million and 'ten times that' for access to its Pegasus spyware. Factoring in these numbers, the spyware maker was hoping to get away with paying little or no damages. 'To be honest, I don't think we're able to pay anything. We are struggling to keep our head above water,' Shohat said during his testimony. 'We're committing to my [chief financial officer] just to prioritize expenses and to make sure that we have enough money to meet our commitments, and obviously on a weekly basis.' First published on May 10, 2025 and updated with additional details.
Yahoo
10-05-2025
- Business
- Yahoo
Five things we learned from WhatsApp vs. NSO Group spyware lawsuit
On Tuesday, WhatsApp scored a major victory against NSO Group when a jury ordered the infamous spyware maker to pay more than $167 million in damages to the Meta-owned company. The ruling concluded a legal battle spanning more than five years, which started in October 2019 when WhatsApp accused NSO Group of hacking more than 1,400 of its users by taking advantage of a vulnerability in the chat app's audio-calling functionality. The verdict came after a week-long jury trial that featured several testimonies, including NSO Group's CEO Yaron Shohat and WhatsApp employees who responded and investigated the incident. Even before the trial began, the case had unearthed several revelations, including that NSO Group had cut off 10 of its government customers for abusing its Pegasus spyware, the locations of 1,223 of the victims of the spyware campaign, and the names of three of the spyware maker's customers: Mexico, Saudi Arabia, and Uzbekistan. TechCrunch read the transcripts of the trial's hearings and is highlighting the most interesting facts and revelations that came out. We will update this post as we learn more from the cache of more than 1,000 pages. The zero-click attack, which means the spyware required no interaction from the target, 'worked by placing a fake WhatsApp phone call to the target,' as WhatsApp's lawyer Antonio Perez said during the trial. The lawyer explained that NSO Group had built what it called the 'WhatsApp Installation Server,' a special machine designed to send malicious messages across WhatsApp's infrastructure mimicking real messages. 'Once received, those messages would trigger the user's phone to reach out to a third server and download the Pegasus spyware. The only thing they needed to make this happen was the phone number,' said Perez. NSO Group's research and development vice president Tamir Gazneli testified that 'any zero-click solution whatsoever is a significant milestone for Pegasus.' Do you have more information about NSO Group, or other spyware companies? From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email. For years, NSO Group has claimed that its spyware cannot be used against American phone numbers, meaning any cell number that starts with the +1 country code. In 2022, The New York Times first reported that the company did 'attack' a U.S. phone but it was part of a test for the FBI. NSO Group's lawyer Joe Akrotirianakis confirmed this, saying the 'single exception' to Pegasus not being able to target +1 numbers 'was a specially configured version of Pegasus to be used in demonstration to potential U.S. government customers.' The FBI reportedly chose not to deploy Pegasus following its test. NSO's CEO Shohat explained that Pegasus' user interface for its government customers does not provide an option to choose which hacking method or technique to use against the targets they are interested in, 'because customers don't care which vector they use, as long as they get the intelligence they need.' In other words, it's the Pegasus system in the backend that picks out which hacking technology, known as an exploit, to use each time the spyware targets an individual. In a funny coincidence, NSO Group's headquarters in Herzliya, a suburb of Tel Aviv in Israel, is in the same building as Apple, whose iPhone customers are also frequently targeted by NSO's Pegasus spyware. Shohat said NSO occupies the top five floors and Apple occupies the remainder of the 14-floor building. The fact that NSO Group's headquarters are openly advertised is somewhat interesting on its own. Other companies that develop spyware or zero-days like the Barcelona-based Variston, which shuttered in February, was located in a co-working space while claiming on its official website to be located somewhere else. Following the spyware attack, WhatsApp filed its lawsuit against NSO Group in November 2019. Despite the active legal challenge, the spyware maker kept targeting the chat app's users, according to NSO Group's research and development vice president Tamir Gazneli. Gazneli said that "Erised," the codename for one of the versions of the WhatsApp zero-click vector, was in use from late-2019 up to May 2020. The other versions were called "Eden" and "Heaven," and the three were collectively known as "Hummingbird."
TimesLIVE
07-05-2025
- Business
- TimesLIVE
Meta suit against Israel's NSO offers insight into world of cyberespionage
Israel's NSO Group was handed a $168m (R3.07bn) penalty by a federal jury in California on Tuesday for hijacking the servers of WhatsApp in order to hack users of the Meta-owned chat platform on behalf of foreign spy agencies. The case caps a six-year battle between the American social media giant and the surveillance firm. It has also cast a unusual amount of light on the inner workings of the spyware industry. Here is what we have learnt: Top-shelf spyware is not cheap Between 2018 and 2020 NSO charged its European government customers a "standard price" of $7m (R128m) for use of its platform to hack 15 different devices at a time, according to Sarit Bizinsky Gil, NSO's vice-president of global business operations. The executive said the ability to hack a phone outside the customer's country was a separate add-on worth approximately $1m (R18.3m) or $2m (R36.6m). "It is a highly sophisticated product," Meta lawyer Antonio Perez told the court in his opening statement, "And it carries a hefty price tag." NSO hacked thousands of devices Between 2018 and 2020 the Israeli spyware firm was responsible for breaking into thousands of devices, according to Tamir Gazneli, NSO's vice-president of research and development.
Reuters
06-05-2025
- Business
- Reuters
Meta suit against Israel's NSO offered rare insight into world of cyberespionage
WASHINGTON, May 6 (Reuters) - Israel's NSO Group was handed a $168 million penalty by a federal jury in California on Tuesday for hijacking the servers of WhatsApp in order to hack users of the Meta (META.O), opens new tab -owned chat platform on behalf of foreign spy agencies. The case caps a six-year battle between the American social media giant and the surveillance firm. It has also cast a unusual amount of light on the inner workings of the spyware industry. Here is what we have learned: The Reuters Daily Briefing newsletter provides all the news you need to start your day. Sign up here. TOP-SHELF SPYWARE IS NOT CHEAP Between 2018 and 2020 NSO charged its European government customers a "standard price" of $7 million for use of its platform to hack 15 different devices at a time, according to Sarit Bizinsky Gil, NSO's vice president of global business operations. The executive said the ability to hack a phone outside the customer's country was a separate add-on worth approximately $1 million or $2 million. "It is a highly sophisticated product," Meta lawyer Antonio Perez told the court in his opening statement, opens new tab, "And it carries a hefty price tag." NSO HACKED THOUSANDS OF DEVICES Between 2018 and 2020 the Israeli spyware firm was responsible for breaking into thousands of devices, according to Tamir Gazneli, NSO's vice president of research and development. During the trial, Gazneli said he disagreed with the idea, opens new tab that his company sold "spyware," leading to an exchange with Perez, opens new tab in which Gazneli insisted his firm's tools were used to gather intelligence on targets but "not people." "You don't consider the targets people, Mr. Gazneli?" Perez asked him. "That's not what I said," he responded. "What I said is that the targets are intelligence targets of intelligence agencies." AMERICAN TAXPAYERS SENT MILLIONS TO NSO'S COFFERS The Central Intelligence Agency and the Federal Bureau of Investigation collectively paid NSO $7.6 million, according to court records, opens new tab. The agencies' past dealings with the Israeli spyware company had previously been disclosed by The New York Times, opens new tab, which said the CIA bankrolled Djibouti's purchase of NSO spyware and the bureau bought it for testing, but the trial put a price tag on the relationship. NSO TARGETED WHATSAPP'S INFRASTRUCTURE DURING THE LAWSUIT The lawsuit against NSO did not deter the spyware firm from continuing to abuse WhatsApp's infrastructure, Meta's lawyers said in a court document filed late last month. "NSO repeatedly targeted Plaintiffs, Plaintiffs' servers, and Plaintiffs' mobile client even after this litigation was filed," the filing said. The filing seeks a permanent injunction against NSO, which it said "poses a significant threat of ongoing and prospective harm" to Meta, its platform, and its users.
CNA
06-05-2025
- Business
- CNA
Meta suit against Israel's NSO offered rare insight into world of cyberespionage
WASHINGTON :Israel's NSO Group was handed a $168 million penalty by a federal jury in California on Tuesday for hijacking the servers of WhatsApp in order to hack users of the Meta-owned chat platform on behalf of foreign spy agencies. The case caps a six-year battle between the American social media giant and the surveillance firm. It has also cast a unusual amount of light on the inner workings of the spyware industry. Here is what we have learned: TOP-SHELF SPYWARE IS NOT CHEAP Between 2018 and 2020 NSO charged its European government customers a "standard price" of $7 million for use of its platform to hack 15 different devices at a time, according to Sarit Bizinsky Gil, NSO's vice president of global business operations. The executive said the ability to hack a phone outside the customer's country was a separate add-on worth approximately $1 million or $2 million. "It is a highly sophisticated product," Meta lawyer Antonio Perez told the court in his opening statement, "And it carries a hefty price tag." NSO HACKED THOUSANDS OF DEVICES Between 2018 and 2020 the Israeli spyware firm was responsible for breaking into thousands of devices, according to Tamir Gazneli, NSO's vice president of research and development. During the trial, Gazneli said he disagreed with the idea that his company sold "spyware," leading to an exchange with Perez in which Gazneli insisted his firm's tools were used to gather intelligence on targets but "not people." "You don't consider the targets people, Mr. Gazneli?" Perez asked him. "That's not what I said," he responded. "What I said is that the targets are intelligence targets of intelligence agencies." AMERICAN TAXPAYERS SENT MILLIONS TO NSO'S COFFERS The Central Intelligence Agency and the Federal Bureau of Investigation collectively paid NSO $7.6 million, according to court records. The agencies' past dealings with the Israeli spyware company had previously been disclosed by The New York Times, which said the CIA bankrolled Djibouti's purchase of NSO spyware and the bureau bought it for testing, but the trial put a price tag on the relationship. NSO TARGETED WHATSAPP'S INFRASTRUCTURE DURING THE LAWSUIT The lawsuit against NSO did not deter the spyware firm from continuing to abuse WhatsApp's infrastructure, Meta's lawyers said in a court document filed late last month. "NSO repeatedly targeted Plaintiffs, Plaintiffs' servers, and Plaintiffs' mobile client even after this litigation was filed," the filing said. The filing seeks a permanent injunction against NSO, which it said "poses a significant threat of ongoing and prospective harm" to Meta, its platform, and its users.
