A jury has awarded WhatsApp $ 167 million to punitive compensation in a case that the company has brought against the NSO group established in Israel for operating a software quality that has hijacked the phones of thousands of users.
The verdict, reached on Tuesday, comes as a big victory, not only for Meta-Ownership WhatsApp, but also for proponents of privacy and security rights that have long criticized the practices of NSO and other exploitation buyers. The jury has also awarded WhatsApp $ 444 million to compensatory damage.
Clickless exploit
In 2019, WhatsApp sued an attack that was aimed at around 1,400 mobile phones from lawyers, journalists, human rights activists, political dissidents, diplomats and high foreign government officials. NSO, which works on behalf of governments and law enforcement agencies in different countries, operated a critical WhatsApp vulnerability with which the NSO's own Spyware Pegasus could install on iOS and Android devices. The Clickless Exploit worked by calling the app of a goal. A target did not have to answer the call to be infected.
“Today's verdict in WhatsApp's case is an important step forward for privacy and security as the first victory against the development and use of illegal spyware that threatens everyone's safety and privacy,” WhatsApp said in a statement. “Nowadays, the jury's decision to pay NSO, a notorious foreign Spyware trader, to pay compensation a critical deterioration for this malignant industry against their illegal actions aimed at American companies and the privacy and safety of the people we serve.”
NSO founded WhatsApp accounts in 2018 and used a year later to initiate calls that exploited the critical vulnerability to telephones, which include 100 members of “social midfield” from 20 countries, according to a Citizen Lab research group that was conducted on behalf of WhatsApp. The calls went through WhatsApp servers and injected malignant code in the memory of targeted devices. The intended phones would then use WhatsApp servers to connect to malignant servers that are maintained by NSO.