Facebook permanently deletes the accounts of NSO workers
A day after Facebook-owned WhatsApp sued NSO Group, the social media platform has permanently deleted the accounts of employees who work at the Israel-based spyware maker, according to message boards and a security researcher who spoke to one worker.
“Your account has been deleted for not following our terms,” said a message sent to one employee by Facebook-owned Instagram. “You won’t be able to log into this account, and no one else will be able to see it. We’re unable to restore accounts that are deleted for these types of violations.”
The action comes after WhatsApp sued NSO Group on Tuesday for allegedly mass exploiting a critical vulnerability that targeted 1,400 devices with spyware. WhatsApp presented evidence that about 100 of the targets were lawyers, dissidents, human-rights advocates, and other members of civil society. The exploits allowed the attackers to install spyware on iOS and Android phones simply by making a video call to the device.
According to WhatsApp, the attackers made the calls from WhatsApp accounts that were created for the purpose of infecting other WhatsApp users. The attackers also relied on WhatsApp servers to communicate with NSO-operated attack servers. The actions, WhatsApp said, violated not just its terms of service, but also the US Computer and Fraud Abuse Act.
The lawsuit seeks, among other things, a permanent injunction barring all NSO employees from “accessing or attempting to access WhatsApp’s or Facebook’s services, platform, and computer systems.”
A message board popular in Israel indicated that the deletion was widespread. “I had just personally verified it (I have friends working there),” one person wrote. “Ninety-eight percent of the company employees were blocked.”
Another person who claimed to work at NSO responded to say he or she hadn’t been blocked. Another person claiming to be an NSO employee complained bitterly on LinkedIn. An Israel-based security researcher who spoke to an NSO employee said the deletions affected a much smaller percentage of the company’s employees and didn’t involve WhatsApp accounts.
WhatsApp representatives declined to comment. NSO representatives didn’t immediately respond to an email.