In the complaint process of Facebook Mother Meta platforms against the Israeli spyware company NSO group, the details of monitoring attacks on WhatsApp users have been known. Accordingly, 1223 users were attacked in 51 different countries in just two months. The recently released court documents mention those individual countries that have locations to be used for the victims as well as the attackers and servers used for attacks.
Facebook had already filed a case against the Israeli WhatsApp hacker in 2019 and spoke of 1400 affected users. These included journalists, lawyers, human rights activists and other government critics. In addition, government employees and military people from at least 20 countries should have been hacked with Pegasus. Now Shows court documentsIn which countries the victims of this hacking campaign in April and May 2019 and where did these attacks come from.
Mexico with the most spyware victims
Accordingly, most of the victims were located in Mexico, ie 456 persons. There were also many victims in India (100), Bahrain (82), Morocco (69), Pakistan (58), Indonesia (54) and Israel (51). Many people were also impressed in Cyprus (31) and Türkiye (26). There were less cases in western Europe, but at least 21 in Spain, 11 in the Netherlands, 7 in France, 4 in Belgium, 4 in Finland, 3 in Switzerland 3 and 2 each in Germany with each.
Also read
“Over the years, many news articles have been written, documenting the use of Pegasus for the target fight against victims worldwide,” Safety expert Run Sandwick says Opposite techcrunch“Whatever often disappears in these articles is the correct limit of attacks, the number of-podds who have not been informed, whose equipment has not been investigated and it has decided to not share their history publicly. The list that we see here in Mexico as well as 456 cases in Mexico, a country, which is a country, which is a country, which is a country with a civil society, which is a country, which is a country, which is a country, which is a country, which is a country with a civil society. About the famous victims. “
Attacks and server locations
The list of potential origin of the attacks, which was also presented by WhatsApp to the court and which has now been published, is interesting. Accordingly, 60 attacks from Sweden, 56 from Cyprus, 39 from Netherlands and 9 from Indonesia. This list is not complete, but it shows that the attackers and the victims are not always in the same country. Because no one was clearly suffering in Sweden, but there were many attacks from there. And the number of attacks in the Netherlands is clearly more than the number of victims there.
Command-and-control infrastructure used for attacks is also widely distributed internationally. These so -called C2 servers pretend to be common data traffic to stay as long as possible as much as possible, but use back doors for monitoring, for example. WhatsApp has found many of these C2 servers in Hungary and Great Britain, but some also in Netherlands and Sweden. A C2 server was also localized in Germany.
NSO: Half -TRUTHS and Torn from Reference
On the request of a WhatsApp spokesperson Techchchan, he did not want to comment on the document of this court, but the NSO group said Israeli magazine ctech: “The list presented to us is an interpretation of information that has been torn from reference, as well as a half -trunk and meta claims for claims of claims who have already denied claims and are still denying in legal disputes. For example, the fact that a suspect’s phone is not allowed to be recognized in a certain field,”
At the end of 2024, WhatsApp won a legal dispute against the NSO group. The US district court condemned the spyware manufacturer for computer fraud and misuse. This year, only the question of loss should be interacted. The process (AZ. 19-CV-07123), from which the above court document also comes, is not yet completed. The NSO group is moving forward.
(FDS)
