A court has released detailed legal documents exposing how the spyware leveraged these vulnerabilities, even after WhatsApp filed its lawsuit.

On November 14, 2024, a California court published legal documents related to the lawsuit filed in May 2019 by WhatsApp against NSO Group, the Israeli company behind the Pegasus spyware. The documents reveal that NSO Group exploited 0-day vulnerabilities in the messaging app’s code to spy on its users, even after WhatsApp’s lawsuit was filed.

The released documents include depositions from NSO Group employees, internal records, and messages exchanged between staff members. They detail how the Israeli company “developed these exploits by extracting and decompiling WhatsApp’s code, conducting reverse engineering on WhatsApp.”

NSO Group admitted before the U.S. court to exploiting these vulnerabilities to install its spyware on “tens of thousands of devices.” The published documents also prove that NSO Group often played an active role in installing Pegasus on infected devices, contrary to the company’s long-standing claims.

In July 2021, an international journalistic investigation uncovered widespread illegal use of the spyware. Government entities used it to spy on political figures, activists, journalists, and business leaders.

Stay tuned in real time
Subscribe to
the newsletter
By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
Stay tuned in real time
Subscribe to
the newsletter
By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.