Facebook recently saw data theft using AWS and QuadraNet. The company has started a legal case against an Israeli spyware vendor, NSO Group. According to researchers, the NSO ran scripts in the Amazon servers in AWS cloud to hack WhatsApp. But fortunately, this entire activity was under track by John Scott Railton, Researcher at Citizenlab, University of Toronto. Amazon and QuadraNet are also receiving a warning because the entire operation was in execution using their cloud services.
Ah! Another interesting detail, @WhatsApp engineers observed 723 NSO attacks on users in which phones, once exploited, reached out to NSO-owned servers in California (104.223.76[.]220 – @QuadraNet & 54.93.81[.]200 – @amazon) pic.twitter.com/cgPo03WKfo
— John Scott-Railton (@jsrailton) April 24, 2020
But new legal proceedings have a different story to tell. This is because the NSO group claims that the entire hacking operation is not their fault. The clients, in this case, potential hackers just used their services. So, in this case, the NSO group is claiming no involvement.
But Facebook does not look so assured about it. NSO group keeps maintaining its position and says, that the clients are responsible for the hacking activities.
How did the clients hack Facebook-owned WhatsApp?
Around 1500 WhatsApp accounts were hacked by the NSO group. The penetration was through a vulnerability. NSO Group also says that the case needs to be canceled because American courts have no right over an Israeli company. They also say that a lot of their clients are overseas government officials, which means they cannot be prosecuted.
This has provided them with a sense of immunity. The innocence of the NSO group does not look to be true. Because the company is using threats to dismiss charges. But this is Facebook they are dealing with.
Facebook is currently suing the company for reverse-engineering WhatsApp to test a vulnerability hack. It does seem like, that NSO is heavily involved with the hacking.
Let us know what you think in the comments section.