Unredacted court documents from WhatsApp’s 2019 lawsuit against NSO Group have revealed new details about how the Israel-based company developed and deployed its Pegasus spyware. The disclosures, ordered by a California federal judge, describe a sophisticated operation targeting 1,400 WhatsApp users, including journalists, human rights activists, diplomats, and political dissidents.
Pegasus and Zero-Click Exploits
Pegasus is notorious for its zero-click installation method, which infects a device without any interaction from the user. According to WhatsApp’s filings, NSO Group exploited vulnerabilities in WhatsApp by reverse-engineering its code and using a “WhatsApp Installation Server” (WIS) to send malicious messages. The spyware provided access to data as if the attacker had the victim’s device password.
One exploit, called Eden, was used to carry out the 2019 attacks. WhatsApp stated that NSO employees admitted to developing Eden after WhatsApp thwarted earlier exploits in 2018. The filings allege that Eden specifically targeted WhatsApp relay servers to deliver the spyware.
Despite NSO’s persistence, WhatsApp’s security team successfully blocked Pegasus intrusions multiple times through updates in 2018 and 2019.
Victims and High-Profile Targets
The alleged victims of Pegasus spyware included prominent figures, such as Princess Haya of Dubai, who fled to the UK in 2019 amid allegations of abduction and forced captivity by Sheikh Mohammed bin Rashid Al Maktoum, Dubai’s ruler. Pegasus was reportedly used to spy on Princess Haya and others linked to her.
The spyware’s widespread use by government clients highlights concerns about its deployment against activists and dissidents, sparking international debates about privacy and abuse of surveillance tools.
Turnkey Solution for Governments
According to the filings, NSO designed Pegasus to be a turnkey solution for its clients. Customers only needed to input a target’s phone number and click “Install,” while NSO handled the data retrieval process. This process involved setting up anonymous servers, sometimes using fake personas and cryptocurrency payments, to facilitate attacks.
WhatsApp accused NSO of creating a California-based server specifically for the 2019 attacks, further implicating the company in violating U.S. laws.
NSO’s Defense and Denials
NSO Group has repeatedly denied wrongdoing, asserting that Pegasus is operated solely by its government clients and that it does not access intelligence gathered by the system. In response to WhatsApp’s allegations, NSO spokesperson Gil Lainer stated:
“We are confident that these claims, like many others in the past, will be proven wrong in court, and we look forward to the opportunity to do so.”
Legal and Ethical Implications
WhatsApp, owned by Meta, argues that NSO violated federal and state laws and breached WhatsApp’s Terms of Service by using its servers to distribute spyware. A WhatsApp spokesperson emphasized:
“The newly public evidence shows exactly how NSO’s operations violated U.S. law and launched their cyberattacks against journalists, human rights activists, and civil society.”
The revelations further highlight the risks posed by advanced spyware and the ease with which it can be misused. Pegasus has become a symbol of the dangers of unchecked surveillance technology, drawing criticism from human rights groups and governments worldwide.
Ongoing Litigation and Future Developments
The case remains active, with NSO Group expected to file its own unredacted documents soon. This ongoing litigation could set significant legal precedents regarding accountability for private companies that develop and sell spyware.
The fallout from these revelations has reignited calls for stricter global regulation of surveillance technology, emphasizing the balance between national security and human rights.

