Latest news with #NSOGroup
TechCrunch
a day ago
- Business
- TechCrunch
NSO Group asks judge for new trial, calling $167 million in damages ‘outrageous'
In May, a jury ruled that spyware maker NSO Group must pay $167 million in damages to WhatsApp for a 2019 hacking campaign that targeted more than 1,400 people. Calling the damages ruling 'outrageous,' 'blatantly unlawful,' and 'unconstitutionally excessive,' NSO Group now wants the judge overseeing the case to reduce the amount, or order a new trial. On Thursday, the company filed a motion for a new trial or a 'remittitur,' which is a procedure that allows a court to reduce an excessive verdict. Contact Us Do you have more information about NSO Group, or other spyware companies? From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or Do you have more information about NSO Group, or other spyware companies? From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email . The filing was first reported by legal news outlets Law360 and MLex. In the court filing, NSO Group's lawyers said that the 'outrageous punitive award exceeds the maximum lawful punitive damages award in this case by many orders of magnitude.' The lawyers argued that the amount ordered in punitive damages — the $167 million — violates limits that say the jury should not award damages 'greater than four times compensatory damages,' which were $444,719 in this case. The lawyers also argued that the jury's award is 'unlawful because it reflects the improper desire to bankrupt NSO out of general hostility toward its business activities other than the limited conduct for which punitive damages could be awarded in this case.' WhatsApp spokesperson Margarita Franklin told TechCrunch in a statement that WhatsApp will keep fighting the case. Techcrunch event Save now through June 4 for TechCrunch Sessions: AI Save $300 on your ticket to TC Sessions: AI—and get 50% off a second. Hear from leaders at OpenAI, Anthropic, Khosla Ventures, and more during a full day of expert insights, hands-on workshops, and high-impact networking. These low-rate deals disappear when the doors open on June 5. Exhibit at TechCrunch Sessions: AI Secure your spot at TC Sessions: AI and show 1,200+ decision-makers what you've built — without the big spend. Available through May 9 or while tables last. Berkeley, CA | REGISTER NOW 'For the past six years, NSO has tried to avoid accountability at every turn. This is another expected attempt to claim impunity, in response to a strong message from the jury of U.S. citizens deciding to punish NSO for its 2019 illegal attack against an American company and its users,' said Franklin. 'We'll respond to the court as we continue to pursue a permanent injunction against NSO to prevent this spyware firm from targeting WhatsApp and our users ever again.' NSO Group also said in its court filing that the amount awarded in damages 'grossly exceeds NSO's ability to pay,' and 'reflects an improper desire to punish NSO.' During the trial, NSO Group already argued that it is in dire straits financially.
TechCrunch
4 days ago
- Business
- TechCrunch
Eight things we learned from WhatsApp vs. NSO Group spyware lawsuit
On May 6, WhatsApp scored a major victory against NSO Group when a jury ordered the infamous spyware maker to pay more than $167 million in damages to the Meta-owned company. The ruling concluded a legal battle spanning more than five years, which started in October 2019 when WhatsApp accused NSO Group of hacking more than 1,400 of its users by taking advantage of a vulnerability in the chat app's audio-calling functionality. The verdict came after a week-long jury trial that featured several testimonies, including NSO Group's CEO Yaron Shohat and WhatsApp employees who responded and investigated the incident. Even before the trial began, the case had unearthed several revelations, including that NSO Group had cut off 10 of its government customers for abusing its Pegasus spyware, the locations of 1,223 of the victims of the spyware campaign, and the names of three of the spyware maker's customers: Mexico, Saudi Arabia, and Uzbekistan. TechCrunch read more than 1,000 pages of court transcripts of the trial's hearings. We have highlighted the most interesting facts and revelations below. New testimony described how the WhatsApp attack worked The zero-click attack, which means the spyware required no interaction from the target, 'worked by placing a fake WhatsApp phone call to the target,' as WhatsApp's lawyer Antonio Perez said during the trial. The lawyer explained that NSO Group had built what it called the 'WhatsApp Installation Server,' a special machine designed to send malicious messages across WhatsApp's infrastructure mimicking real messages. 'Once received, those messages would trigger the user's phone to reach out to a third server and download the Pegasus spyware. The only thing they needed to make this happen was the phone number,' said Perez. NSO Group's research and development vice president Tamir Gazneli testified that 'any zero-click solution whatsoever is a significant milestone for Pegasus.' NSO admitted that it kept targeting WhatsApp users after the lawsuit was filed Following the spyware attack, WhatsApp filed its lawsuit against NSO Group in November 2019. Despite the active legal challenge, the spyware maker kept targeting the chat app's users, according to NSO Group's research and development vice president Tamir Gazneli. Gazneli said that 'Erised,' the codename for one of the versions of the WhatsApp zero-click vector, was in use from late-2019 up to May 2020. The other versions were called 'Eden' and 'Heaven,' and the three were collectively known as 'Hummingbird.' NSO confirms it targeted an American phone number as a test for the FBI Contact Us Do you have more information about NSO Group, or other spyware companies? From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or Do you have more information about NSO Group, or other spyware companies? From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email . For years, NSO Group has claimed that its spyware cannot be used against American phone numbers, meaning any cell number that starts with the +1 country code. In 2022, The New York Times first reported that the company did 'attack' a U.S. phone but it was part of a test for the FBI. NSO Group's lawyer Joe Akrotirianakis confirmed this, saying the 'single exception' to Pegasus not being able to target +1 numbers 'was a specially configured version of Pegasus to be used in demonstration to potential U.S. government customers.' The FBI reportedly chose not to deploy Pegasus following its test. How NSO's government customers use Pegasus NSO's CEO Shohat explained that Pegasus' user interface for its government customers does not provide an option to choose which hacking method or technique to use against the targets they are interested in, 'because customers don't care which vector they use, as long as they get the intelligence they need.' In other words, it's the Pegasus system in the backend that picks out which hacking technology, known as an exploit, to use each time the spyware targets an individual. NSO says it employs hundreds of people NSO Group's CEO Yaron Shohat disclosed a small but notable detail: NSO Group and its parent company, Q Cyber, have a combined number of employees totalling between 350 and 380. Around 50 of these employees work for Q Cyber. NSO's headquarters shares the same building as Apple In a funny coincidence, NSO Group's headquarters in Herzliya, a suburb of Tel Aviv in Israel, is in the same building as Apple, whose iPhone customers are also frequently targeted by NSO's Pegasus spyware. Shohat said NSO occupies the top five floors and Apple occupies the remainder of the 14-floor building. 'We share the same elevator when we go up,' Shohat said during testimony. The fact that NSO Group's headquarters are openly advertised is somewhat interesting on its own. Other companies that develop spyware or zero-days like the Barcelona-based Variston, which shuttered in February, was located in a co-working space while claiming on its official website to be located somewhere else. Pegasus spyware cost European customers millions During their testimony, an NSO Group employee revealed how much the company charged European customers to access its Pegasus spyware between 2018 and 2020, saying the 'standard price' is $7 million, plus an additional $1 million or so for 'covert vectors.' These new details were included in a court document without the full context of the testimony, but offers an idea of how much advanced spyware like Pegasus can cost paying governments. While not explicitly defined, 'covert vectors' likely refer to stealthy techniques used to plant the spyware on the target phone, such as a zero-click exploit, where a Pegasus operator doesn't need the victim to interact with a message or click a link to get hacked. The prices of spyware and zero-days can vary depending on several factors: the customer, given that some spyware makers charge more when selling to countries like Saudi Arabia or the United Arab Emirates, for example; the number of concurrent targets that the customer can spy on at any given time; and feature add-ons, such as zero-click capabilities. All of these factors could explain why a European customer would pay $7 million in 2019, while Saudi Arabia reportedly paid $55 million and Mexico paid $61 million over the span of several years. NSO describes a dire state of finances During the trial, Shohat answered questions about the company's finances, some of which were disclosed in depositions ahead of the trial. These details were brought up in connection with how much in damages the spyware maker should pay to WhatsApp. According to Shohat and documents provided by NSO Group, the spyware maker lost $9 million in 2023 and $12 million in 2024. The company also revealed it had $8.8 million in its bank account as of 2023, and $5.1 million in the bank as of 2024. Nowadays, the company burns through around $10 million each month, mostly to cover the salaries of its employees. Also, it was revealed that Q Cyber had around $3.2 million in the bank both in 2023 and 2024. During the trial, NSO revealed its research and development unit — responsible for finding vulnerabilities in software and figuring out how to exploit them — spent some $52 million in expenses during 2023, and $59 million in 2024. Shohat also said that NSO Group's customers pay 'somewhere in the range' between $3 million and 'ten times that' for access to its Pegasus spyware. Factoring in these numbers, the spyware maker was hoping to get away with paying little or no damages. 'To be honest, I don't think we're able to pay anything. We are struggling to keep our head above water,' Shohat said during his testimony. 'We're committing to my [chief financial officer] just to prioritize expenses and to make sure that we have enough money to meet our commitments, and obviously on a weekly basis.' First published on May 10, 2025 and updated with additional details.
Time of India
26-05-2025
- Business
- Time of India
Austrian court hears ex-chancellor Kurz's appeal against conviction
REUTERS image VIENNA: An Austrian court on Monday began hearing the appeal of former chancellor Sebastian Kurz against his conviction for giving false testimony. Once hailed as the "wunderkind" of Europe's conservatives, Kurz resigned as chancellor in 2021 amid a series of accusations. He was found guilty last year of giving false testimony to a parliamentary inquiry and handed an eight-month suspended jail sentence. But Kurz, 38, appealed against the verdict, insisting that he was innocent. He argued that he was interrupted during his testimony and that the judge who convicted him was biased. "I answered all questions in the inquiry to the best of my knowledge and conscience," Kurz said in a statement before Monday's court hearing. The court is expected to rule on the appeal later on Monday. Kurz was sentenced last year for having misled a parliamentary inquiry probing wide-ranging corruption scandals that brought down his first coalition government with the far right in 2019. The appeal "argues that the court inadequately considered key evidence", amongst other grounds, according to a statement by Kurz's lawyer Otto Dietrich. In a separate case, Kurz is still under investigation for corruption. Prosecutors suspect that Kurz embezzled public money to fund polls skewed to boost his image, and to pay for favourable media coverage. Since he quit politics in 2021, Kurz has been involved with numerous private international enterprises. Those include the Dream cybersecurity company he co-founded in 2023 with the former head of Israel's NSO Group, which developed the controversial Pegasus spyware, and another entrepreneur. Earlier this year, Dream said it was worth $1.1 billion.
Washington Post
20-05-2025
- Business
- Washington Post
Pegasus spyware maker rebuffed in efforts to get off trade blacklist
The Trump administration will not seek the removal of Israeli tech firm NSO Group from a Commerce Department trade blacklist that has significantly dented the company's financial fortunes, U.S. officials said this week. Nor is the White House planning to rescind a Biden-era executive order that effectively bars the company from selling its controversial Pegasus spyware to the U.S. government, said the officials, who like others spoke on the condition of anonymity to discuss a sensitive matter. The administration's plans are a rebuff to NSO Group, which is in Washington this week on a rehabilitation tour, in hopes of being removed from the Commerce Department's Entity List, which bars it from receiving U.S. technology. The list is sort of a scarlet letter in the business world because of the reputational harm it confers. Since the 2021 listing, NSO Group has faced significant financial hardship. The statements to The Washington Post come amid speculation that the Trump administration might rescind or modify the executive order. President Donald Trump has revoked dozens of President Joe Biden's orders and has others under review. Company representatives visiting from Israel had hoped to meet with the White House on Monday. But when National Security Council aides found out Sunday evening that the group's underlying goal was to be taken off the trade blacklist, they balked and canceled the meeting, according to officials. 'The company was not forthcoming in its motives for seeking the meeting,' said one U.S. official. 'The White House has no plans to seek removal of NSO from the Entity List or to rescind the spyware executive order.' A modification of the order might come later, but it will not be aimed at doing any favors for NSO Group, the official said. An NSO Group spokesman had no comment. The 2023 executive order barred federal agencies from using commercial spyware that has previously been used to penetrate the devices of U.S. personnel, or to abuse human rights by allowing governments to spy on dissidents. In announcing the order, Biden administration officials disclosed that at least 50 U.S. government employees in countries around the world had their cellphones infected with Pegasus. Pegasus, known as 'zero-click' malware, takes hold silently once it lands on the target's phone, granting sweeping access to live calls, audio and video clips, location records, emails and even chats on encrypted apps. The Monday meeting would have been the first with the White House since the company was placed on the Entity List for its 'malicious' targeting of civil society. The meeting was requested by the group's new lobbying firm, the Vogel Group, which also scheduled NSO visits with Republican lawmakers and aides on Capitol Hill this week. NSO executives intended to pitch the firm as useful to the Trump administration's border security agenda — offering a way to track criminals and cartels in an age of encrypted apps, said one person familiar with the matter. In 2022, the firm was in exploratory talks with U.S. defense contractor L3Harris to potentially acquire NSO's technology. The Biden administration warned the deal would raise 'serious' counterintelligence and security risks. The talks fell through and the following year Biden signed the spyware order. The counterintelligence concerns arose from NSO Group's close relationship with the Israeli government, which requires the Defense Ministry to sign off on all the firm's contracts. That proximity could then give Israel a window into what U.S. agencies might be doing with NSO's software, experts said. Israel, while a close partner of the United States, is not among the most trusted circle of Western intelligence allies — a group that includes Britain, Australia, Canada and New Zealand, and is known as the Five Eyes. NSO Group has been hopeful that it will receive a more favorable reception from the new administration. Jonathan Fahey, a Homeland Security official during Trump's first term, is registered to lobby on the account alongside Republican lobbyist Alex Vogel. The Vogel Group did not respond to a request for comment. Adding to NSO Group's woes, this month a federal jury ordered the company to pay a record-setting $167 million for hacking more than 1,000 people through WhatsApp messages in a stunning cap to six years of litigation. The company lost $9 million in 2023 and $12 million in 2024, according to testimony from NSO chief executive Yaron Shohat, who said the company would struggle to pay significant damages. NSO Group, a privately held company, licenses Pegasus to foreign governments — often with checkered human rights records — including Saudi Arabia, Mexico and Morocco. It also licenses the spyware to intelligence, law enforcement and military agencies, and says the tool is intended only for use against terrorists and other major criminals. People familiar with the company previously told The Washington Post that NSO spyware helped Mexico twice capture drug kingpin Joaquín 'El Chapo' Guzmán, in 2014 and in 2016, though The Post was not able to independently confirm the assertion. In 2021, the Pegasus Project — an investigative consortium involving The Post — detailed a range of abuses, including the targeting of politicians, journalists and human rights workers. The University of Toronto's Citizen Lab discovered in 2021 that the wife of murdered journalist Jamal Khashoggi, a Post contributing columnist, had Pegasus placed on her phone months before his death. Khashoggi was killed at the direction of Saudi Crown Prince Mohammed bin Salman in 2018, the CIA concluded. 'NSO's Pegasus is notorious for being a tool that dictators use to instill fear,' said John Scott-Railton, senior researcher at the University of Toronto's Citizen Lab. 'It does not belong in democracies.' To be taken off the Entity List, a company would have to convince the Commerce, State, Energy and Defense departments that the activities that resulted in their listing are no longer taking place and that the firm no longer poses a 'significant risk' to U.S. national security or foreign policy interests, according to federal regulations. But NSO Group could be removed if there is a foreign policy impetus, said Matthew S. Borman, who handled export control policy at the Commerce Department's Bureau of Industry and Security for more than 20 years. The Israeli government has pushed in the past to have NSO taken off the list, according to people familiar with the matter. If the Trump administration wanted to accommodate the Israeli government, then 'presumably all four agencies would sign off on that,' said Borman.
India Today
14-05-2025
- India Today
WhatsApp sued but NSO Group kept unleashing Pegasus spyware on users
Last week, Meta won the Rs 1,400 crore lawsuit against Israeli firm NSO Group in the Pegasus spyware case. The lawsuit was filed by Meta's WhatsApp in 2019 after a research found that the NSO Group hacked into the WhatsApp account of 1,400 users by injecting the Pegasus spyware, which was done by taking advantage of a vulnerability in its audio call feature. On May 6, 2025, the 5-year-long legal battle between Meta and NSO Group concluded, and the jury trial ruled that the Israeli company was guilty of hacking into the accounts of thousands of WhatsApp users. advertisementHowever, the transcripts of the trial's proceedings were accessed by TechCrunch, which revealed an interesting – if we can call it that – thing about the Pegasus attacks. Reportedly, the NSO Group admitted during the trial that even after Meta had sued the company for the WhatsApp hacks, it continued to target WhatsApp users. Apparently, NSO Group's research and development vice president, Tamir Gazneli, acknowledges that the Pegasus-maker was rolling out targeted attacks between late 2019 to May 2020. Gazneli revealed that the spyware codenamed 'Erised', which was one of the WhatsApp zero-click vectors, was pushed during that period of time. Reminder: Meta sued the NSO Group in October 2019. As per the NSO Group's executive, the company was using other versions of the spyware as well, which were codenamed 'Eden' and 'Heaven', and collectively the three versions were called 'Hummingbird'. advertisement The Pegasus attacks were first spotted and highlighted by Citizen Lab, which had revealed that the company was infecting smartphones with spyware via phone calls. This was regardless of the user answering the call. If the spyware call went on their device, their phone would be infected. This led to the spyware taking control over the infected device's camera and microphone, which allowed it to access call records, messages, emails, locations and even passwords in some scenarios. The cyberattack primarily focused on journalists, human rights defenders, and diplomats, impacting users across more than 50 countries. Court documents filed last month revealed that India accounted for at least 100 of the 1,400 identified targets. These attacks are believed to have occurred within just two months, between April and May 2021, Apple took legal action against the NSO Group, accusing it of deploying Pegasus spyware to infiltrate iPhones. At the time, Apple stated that it was pursuing a permanent court order to block the company from accessing any of its software, services, or year, in December 2024, a US court found the NSO Group responsible for the hacking incidents involving WhatsApp. Earlier this month, Meta won the case against NSO Group.
