WhatsApp’s Cat-and-Mouse Game: NSO Group Deployed New Exploits Despite Legal Battle

WhatsApp's Cat-and-Mouse Game: NSO Group Deployed New Exploits Despite Legal Battle

Meta’s WhatsApp vs. NSO Group: New Legal Revelations

Recently released legal documents have exposed how NSO Group, an Israeli spyware company, repeatedly exploited WhatsApp to deliver its Pegasus surveillance software, even after facing legal action from Meta.

Key Findings:

1. Multiple Attack Vectors:
– NSO Group developed several exploitation methods (collectively called Hummingbird)
– Notable vectors included Heaven, Eden, and Erised
– The Erised vector continued operating even after WhatsApp’s 2019 lawsuit

2. Technical Details:
– Exploited WhatsApp’s video calling system
– Used zero-click attacks requiring no user interaction
– Leveraged critical buffer overflow vulnerability (CVE-2019-3568)
– Affected between hundreds and thousands of devices

3. Operation Method:
– NSO Group reverse-engineered WhatsApp’s code
– Created custom “WhatsApp Installation Server” (WIS)
– Sent malformed messages through WhatsApp servers
– Controlled entire installation process, contrary to previous claims

Recent Developments:

– Apple voluntarily dismissed its separate lawsuit against NSO Group
– New security features introduced:
* Lockdown Mode for enhanced protection
* iOS 18.2 beta includes 72-hour inactivity reboot feature
* Requires password re-entry after automatic reboot

The revelations highlight ongoing concerns about commercial spyware and its impact on user privacy, despite NSO Group’s claims that Pegasus is intended solely for combating serious crime and terrorism.

Share This Article