NSO Group appears to be facing renewed scrutiny by the US Department of Justice months after leading technology companies said the spyware maker was “powerful and dangerous” and should be held liable to the country’s anti-hacking laws.
DoJ lawyers recently approached the messaging app WhatsApp with technical questions about the alleged targeting of 1,400 of its users by NSO Group’s government clients in 2019, according to a person with knowledge of the matter.
NSO Group was reportedly facing an FBI investigation in early 2020. People familiar with the matter said it had seemed to stall, but that the DoJ was showing renewed interest in the case.
It is not clear which suspected hacking targets DoJ investigators are examining or what phase the investigation is in.
WhatsApp declined to comment. NSO Group said it was not aware of an investigation.
The Israeli company, which makes hacking software that it sells to foreign governments and law enforcement authorities for the stated purpose of tracking terrorist and criminals, has faced a number of allegations that its clients have used its software to target journalists, government officials and human rights campaigners.
WhatsApp claimed in 2019 that NSO Group’s software had been used to target more than 1,400 of its own users, including one account with a Washington DC phone number. Other targets allegedly included politicians and activists in Spain, journalists in India and Morocco, Rwandan dissidents in Europe and pro-democracy clergy members in Togo.
WhatsApp filed a lawsuit against the company in the US, claiming NSO Group had played a role in executing the attack against its users. NSO Group has denied the claim and has said it ought to be immune from such lawsuits because its clients are foreign governments and it is they who are responsible for deploying the software.
A US appeal court judge will soon decide whether NSO Group should be granted sovereign immunity in the civil case WhatsApp brought against it.
Microsoft, Google and other US technology companies joined the fray last year, and in an unusual joint amicus brief argued that granting NSO Group – or any similar company – such immunity posed grave risks to global cybersecurity. An “immunised and expanded” spyware industry would lead to more foreign governments having access to “powerful and dangerous” cyber-surveillance tools, they said.
In a related blogpost in December, Microsoft’s president, Brad Smith, called on the incoming Biden administration to weigh in on the high-profile legal case, and compared NSO Group to 21st-century mercenaries. It is not clear why the DoJ’s investigation appeared to have stalled in the last year of Donald Trump’s administration, but sensitive investigations into foreign companies such as NSO Group, which is closely regulated by the Israeli defence ministry, tend to require cooperation with the US state department.