Reading this post you could have a better idea of the value of your privacy.
In May, Facebook has patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568, that has been exploited to remotely install spyware on phones by calling the targeted device.
Now new disconcerting details are emerging from the dispute between the two companies.
According to an extraordinary court filing from NSO Group in an ongoing lawsuit. Facebook representatives contacted the surveillance firm to buy a tool that could help the social network giant to better monitor a subset of its users,
NSO developed and sell licenses for the use of surveillance spyware known as Pegasus , which is able to steal any kind of data from smartphones and use them to spy on the surrounding environment through their camera and microphone.
The NSO Group operated in the dark for several years, until the researchers from the Citizenlab organization and the Lookout firm spotted its software in targeted attacks against UAE human rights defender, Ahmed Mansoor.
The researchers also spotted other attacks against a Mexican journalist who reported to the public a story of the corruption in the Mexican government.
Now NSO CEO Shalev Hulio revealed the the embarrassing contact with the Facebook representatives.
“According to a declaration from NSO CEO Shalev Hulio, two Facebook representatives approached NSO in October 2017 and asked to purchase the right to use certain capabilities of Pegasus.” reported Motherboard, the media outlet that disclosed the story.
Court documents revealed that Facebook representatives were interested in effectively monitor mobile devices of users who had already installed Onavo, a VPN product developed by Facebook that analyzed the web traffic of users who downloaded it to monitor other apps installed by the users.
According to the NSO CEO, Facebook was interested in improving surveillance capabilities on iOS devices of the Onavo Protect.
NSO CEO revealed that his company did not provide the surveillance service to Facebook because it is a private business and therefore does not meet company’s customer criteria
“The Facebook representatives stated that Facebook was concerned that its method for gathering user data through Onavo Protect was less effective on Apple devices than on Android devices. The Facebook representatives also stated that Facebook wanted to use purported capabilities of Pegasus to monitor users on Apple devices and were willing to pay for the ability to monitor Onavo Protect users. Facebook proposed to pay NSO a monthly fee for each Onavo Protect user.”the court filing reads. “Facebook is a private entity and not a sovereign government or government agency for national security and law enforcement purposes and therefore does not meet NSO’s customer criteria”
In 2019 the Onavo Protect was removed from the App Store by Apple, and Facebook decided to also remove it from Google Play.
Facebook attempted to downplay the accusation and speculate that NSO is attempting to distract from the accusation moved by the social network giant.
“NSO is trying to distract from the facts Facebook and WhatsApp filed in court nearly six months ago. Their attempt to avoid responsibility includes inaccurate representations about both their spyware and a discussion with people who work at Facebook,” a Facebook spokesperson said.
“Our lawsuit describes how NSO is responsible for attacking over 100 human rights activists and journalists around the world. NSO CEO Shalev Hulio has admitted his company can attack devices without a user knowing and he can see who has been targeted with Pegasus. We look forward to proving our case against NSO in court and seeking accountability for their actions.”
Who will win? Facebook or NSO Group?
I don’t know, but I’m sure that the losers are the unaware users.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.