Summary:
1. WhatsApp won a major victory against NSO Group, with a jury ordering the spyware maker to pay over $167 million in damages.
2. The trial revealed how NSO Group targeted WhatsApp users even after the lawsuit was filed and admitted to targeting an American phone number as a test for the FBI.
3. NSO Group disclosed details about how its Pegasus spyware works, the cost for European customers, and its headquarters location.
Article:
In a landmark legal battle that spanned over five years, WhatsApp emerged victorious against NSO Group, a notorious spyware maker, when a jury mandated the NSO Group to pay more than $167 million in damages to the Meta-owned company. The case originated in October 2019 when WhatsApp accused NSO Group of exploiting a vulnerability in its audio-calling feature to hack over 1,400 users.
The trial, which lasted a week, featured testimonies from NSO Group’s CEO Yaron Shohat and WhatsApp employees involved in the investigation. Revelations during the trial included NSO Group’s continued targeting of WhatsApp users post-lawsuit filing and the admission of targeting an American phone number as an FBI test.
NSO Group’s testimony shed light on how its Pegasus spyware operates, with a zero-click attack method and a standard price of $7 million for European customers. Interestingly, NSO’s headquarters in Herzliya coincidentally shares the same building as Apple, a company frequently targeted by the Pegasus spyware.
The trial not only exposed the inner workings of NSO Group’s spyware but also highlighted the high cost associated with such advanced surveillance tools. The outcome of this legal battle sets a precedent in the fight against malicious spyware and underscores the importance of holding companies accountable for their actions in the digital realm. Summary:
1. Covert vectors likely refer to stealthy techniques used to plant spyware on a target phone, such as zero-click exploits.
2. Prices of spyware and zero-days vary based on factors like the customer’s location and desired features.
3. NSO Group revealed financial struggles during a trial, citing losses and high expenses related to its Pegasus spyware.
Article:
The term “covert vectors” in the world of spyware likely alludes to the stealthy methods employed to install spyware on a target device without the user’s knowledge. One such method is the zero-click exploit, where a Pegasus operator can infiltrate a phone without the victim needing to interact with a message or click on a link.
The pricing of spyware and zero-day exploits can fluctuate based on various factors. For instance, spyware makers may charge higher prices when selling to countries like Saudi Arabia or the United Arab Emirates. Additionally, the cost may be influenced by the number of concurrent targets a customer can spy on and any additional features, such as zero-click capabilities.
These pricing factors may explain why a European customer paid $7 million for spyware in 2019, while Saudi Arabia reportedly shelled out $55 million and Mexico spent $61 million over several years. The disparities in pricing highlight the lucrative nature of the spyware industry and the varying demands of different customers.
During a recent trial, the NSO Group, a prominent spyware maker, disclosed troubling financial details. The company reported losses of $9 million in 2023 and $12 million in 2024. Despite having $8.8 million in the bank in 2023 and $5.1 million in 2024, NSO Group revealed that it burns through approximately $10 million per month to cover employee salaries.
Moreover, the company’s research and development unit, responsible for identifying software vulnerabilities and exploiting them, incurred expenses of $52 million in 2023 and $59 million in 2024. NSO Group’s customers reportedly pay anywhere from $3 million to ten times that amount for access to its Pegasus spyware.
During the trial, NSO Group expressed financial distress, stating that they may not be able to pay any damages. The company’s chief financial officer emphasized the need to prioritize expenses and ensure that they have enough funds to meet their commitments.
In conclusion, the spyware industry’s financial intricacies, coupled with the covert tactics used to deploy spyware, shed light on the complex and controversial nature of digital surveillance. As NSO Group navigates its financial challenges, the implications of its operations continue to spark debate and scrutiny in the cybersecurity landscape.
