WhatsApp asks to declare NSO Group in contempt after stopping a new ‘phishing’ campaign

WhatsApp has dismantled a new hacking campaign linked to NSO Groupwith new ‘phishing’ attempts that sought to compromise devices through ‘one-click’ attacks on users of the platform, for which it has accused the Israeli firm of failing to comply with the court order that prohibits it from attacking the social network and has requested the US courts to declare the group in contempt.

NSO Group is an Israeli spy software manufacturer that has been involved in countless cases of abuse around the world, which has led it to be included on the blacklist for actions contrary to the national security of the United States, and which in Spain has been known specifically for the Pegasus case.

Last year, the Meta-owned instant messaging platform obtained a permanent injunction that prohibits NSO Group from attacking WhatsApp and its users in the future. This verdict found that NSO violated US federal and state laws against computer hacking.

However, now WhatsApp has shared from its blog that it has asked the courts to declare NSO Group in contempt, after successfully detecting and stopping new attempts at social engineering linked to the same company. Specifically, WhatsApp has found new ‘phishing’ attempts, as a result of investigating user complaints.

These ‘phishing’ attempts were intended to deceive users with a malicious link that took them to a fake external websitewhich at first glance looked like a legitimate news portal, but hid what is known as a ‘one-click’ attack.

In fact, WhatsApp claims that The strategy used by NSO has been similar to ‘one-click’ phishing campaigns. that have been previously reported and have been related to the group. The creation of test accounts and groups on the platform by NSO has also been detected.

These ‘one-click’ attacks, which are perpetrated when the user visits the fake page, are carried out invisibly to the user and can either scan your mobile how to infect it if there is any uncorrected vulnerability in the web browser, such as Chrome or Safari.

In this regard, it must be taken into account that, as WhatsApp has recalled, the CEO of NSO already admitted under oath in court that his company is constantly looking for ‘vectors or ways to access the phone’ that “go beyond WhatsApp”, pointing specifically to web browsers and operating systems.

Taking all this into account, WhatsApp has announced that they are asking the court to declare NSO Group in contempt for failing to comply with the order filed last year.

“When a malicious company included on the US government’s Entity List continues to defy US courts, existing restrictions must remain strong. Relaxing them would undermine US national security and put US companies and billions of people around the world who depend on secure communications at risk,” WhatsApp said.

In response to these identified attacks, the company has also announced that it has closed all accounts and groups created by the Israeli firm NSO, and has shared the details of the domains so that any user can verify if you have clicked on any of the malicious links that redirected you to an external website controlled by NSO Group. They are the domains hxxps://ikhwancast[.]com, hxxps://ghazacast[.]com y hxxps://fr24cast[.]com.

WhatsApp has Recommended that users keep their apps and devices up to date and to report any suspicious activity so that it can be investigated and action taken.

The American technology company affirms that spyware is a threat to national securityand that’s why they are supporting a growing coalition of privacy advocates and researchers fighting these types of programs with a donation to the Spyware Accountability Initiative.

Regarding the Pegasus case in Spain, it broke out worldwide in 2021 when an international journalistic investigation uncovered a list of more than 50,000 phone numbers that were possible targets of this software. It was discovered that several governments used it illegally for espionage from journalists from large international media, human rights defenders and high-level politicians (such as the President of the Government of Spain, Pedro Sánchez, and others such as Emmanuel Macron in France).